Corruption

[nige1]

In the UK, the stench of corruption envelops local and national government. The law seems geared to encourage official corruption rather than to inhibit it.

 

Sale of public assets is suspect. For example, the privatisation of British Rail seemed to give-away billions of pounds to government-cronies.

 

Another example: government organisations and their cronies enter into ruinously expensive sweet-heart deals, called PFIs (Private Finance Initiatives). PFIs are protected from public scrutiny by CCCs (Corruption Concealment Clauses, sometimes euphemistically referred to as Commercial Confidentiality Clauses). These seem to ensure that government accepts the costs and risks. When projects are cancelled due to time and cost over-runs, you might expect contractors to suffer swingeing penalties. Instead contractors are awarded massive compensation. Government negotiators are promoted.

 

For example, multiple attempts to outsource NHS IT have cost millions and resulted in shoddy systems unfit for purpose.

 

The US NSA (National Security Agency) created Wannacry (file-encryption ransomware), which infected government and utility systems in Russia, China, and elsewhere. Lack of adequate security-systems exposed NHS systems to it. This cost the lives of patients.

 

Alleged criminals responsible should be investigated, including NHS IT negotiators and suppliers.

 

Corruption In Arms Contracts is probably worse but protected by national security.

 

Corruption costs a lot. You probably have to waste thousands to hide a few hundred pounds of corruption.

 

We can't eliminate corruption but reduction could save billions. How can we accomplish that?

 

I've a tentative protocol and I'm interested in suggestions.

[helene_t]

Free press. The best way to discourage politicians and bureaucrats from taking bribes is by giving the press the means to discover and disclose it.

[diana_eva]

What Helene says. Romania has a very corrupt system but investigative journalism managed to force a few major investigations, most notably in the public health system. We've still got a long way to go, and current government is doing everything it can to change laws in its favor (eg if you take a little bribe it's not a crime lol), but the press and orgs like rise project have been essential in exposing the corruption to the public and causing enough uproar to force the authorities to investigate.

[Zelandakh]

The US NSA (National Security Agency) created Wannacry (terrorist file-encryption ransomware),

Source? The last I heard the general consensus was North Korea... :unsure:

[Cyberyeti]

If you think the UK is corrupt at local level, you should see some of the things that go on elsewhere. We used to have a holiday home in Spain in a town that was split into 3 pieces (town/port/beach). The land between, nobody was allowed to build on. We notice a new petrol station has appeared on the prohibited land owned by ... the mayor's brother. Worse was that nobody was surprised.

[diana_eva]

If you think the UK is corrupt at local level, you should see some of the things that go on elsewhere. We used to have a holiday home in Spain in a town that was split into 3 pieces (town/port/beach). The land between, nobody was allowed to build on. We notice a new petrol station has appeared on the prohibited land owned by ... the mayor's brother. Worse was that nobody was surprised.

 

Yeah, if you click the rise project link in my previous post you'll see the scale of corruption in Romania. Basically every public function tries to steal as much as they can from the state budget or asks for bribes in order to do - well, just anything they're supposed to do. This goes from the lowest levels (assistant manager at state kindergarten asking parents for money to accept their kids in that kindergarten, despite it being free to put your kid to public kindergarten, doctor asking for money in order to perform surgery or investigations that are already covered by your health insurance, bribes to file various requests), till highest ranking politicians ripping off the budget by awarding business to their friends and relatives.

 

 

This is a fine example.

[barmar]

The US NSA (National Security Agency) created Wannacry (terrorist file-encryption ransomware), which infected government and utility systems in Russia, China, and elsewhere. Lack of adequate security-systems exposed NHS systems to it. This cost the lives of patients.

NSA didn't create Wannacry. I think they created the underlying technology that it uses, for the purpose of cyber-espionage against other countries, which is part of their mission (not corruption). It got leaked to hackers, who used it for this attack.

[Zelandakh]

NSA didn't create Wannacry. I think they created the underlying technology that it uses, for the purpose of cyber-espionage against other countries, which is part of their mission (not corruption). It got leaked to hackers, who used it for this attack.

Are you talking about TOR? That was invented by the US military as a means of anonymysing its personnel. Obviously you need to have non-military using the system in order to hide the miltary units and so it was released to the public. That was subsequently used for such things as submissions to wikileaks and the Silk Road website and has in the meantime developed into something of a thorn in the side of the intelligence agencies, as they are mostly unable to crack the encryption.

 

In any case it is certainly the case that many things get developed by the military but get used for nefarious purposes once out in the wider domain. It seems a little unfair to blame them for the altered use without any comment such as in this post!

[Hanoi5]

Free press. The best way to discourage politicians and bureaucrats from taking bribes is by giving the press the means to discover and disclose it.

 

I'm not sure this is enough. There has to be some exemplary disciplining of culprits. Take the case down here in Chile. In 2014 a banker was discovered to have funded a right-wing party with money he was not allowed to use. A couple of months afterwards the daughter in law of the president (who is left wing) was found to have acquired a MASSIVE amount of money in a loan from a bank the day after the election. Next the 'newspapers' uncovered that the toilet paper producers were colluded in order to raise prices. Supermarkets came next, they inflated the prices of chicken and some emails demonstrated that they coordinated this. But nothing really happens after each of these scandals. People continue their lives after the outrage, just waiting for the next big one to fall. Corruption has permeated society to the bones. Makes me Wannacry.

[paulg]

In the UK, the stench of corruption envelops local and national government. The law seems geared to encourage official corruption rather than to inhibit it.

 

Sale of public assets is suspect. For example, the privatisation of British Rail seemed like a billion-pound give-away to government-cronies.

 

Another example: government organisations and their cronies enter into ruinously expensive sweet-heart deals, called PFIs (Private Finance Initiatives). PFIs are protected from public scrutiny by CCCs (Corruption Concealment Clauses, sometimes euphemistically referred to as Commercial Confidentiality Clauses). These seem to ensure that government accepts the costs and risks. When projects are cancelled due to time and cost over-runs, you might expect contractors to suffer swingeing penalties. Instead contractors are awarded massive compensation. Government negotiators are promoted.

 

For example, multiple attempts to outsource NHS IT have cost millions and resulted in shoddy systems unfit for purpose.

What you assign to UK corruption is largely due to incompetence in my experience, particularly at national level.

 

For example, PFI contracts are unbelievably complex and any contractor bidding for them will have their best team on the job. Far too often the government will have given its negotiating role to a civil service team that is paid less than half their equivalent in the contractor and has probably never done the job before. The contractor will pay its lawyers better salaries and will be used to bidding for such projects. Most importantly, they are likely to have a far better understanding of the risks of the project. It is no surprise who gets the best deal in such circumstances.

 

When you look at NHS IT, a project that I have been involved in, it is very similar. It was an immensely complex and large project, and even the smallest aspects touched so many different institutions and parts of Government. Like so many Government IT projects, it was very difficult to understand who the customer is and near to impossible to get a coherent set of requirements. The IT suppliers reflect this confusion and complexity in their prices and risk assessments, but most projects failed because the customer (whichever part of Government it was) could not meet their contractual obligations. This is government incompetence and inexperience, not corruption.

 

Selling off public assets is a complex project but also a political decision. The political drive to make it appear successful guarantees that it will be sold cheaply because this is only way to minimise the risk of failure.

 

Basically, when you don't hire the best people you don't get the best decisions.

[helene_t]

Agree with Paul wrt those specific examples but from my experience as a civil servant, corruption is a real problem. The government s scientific advisers often pay lip service to conclusions dictated by the governing

party's sponsors.

 

Which lead me to another medicine against corruption: a political system that makes it impossible for a single party to dominate the government

[Cyberyeti]

Agree with Paul wrt those specific examples but from my experience as a civil servant, corruption is a real problem. The government s scientific advisers often pay lip service to conclusions dictated by the governing

party's sponsors.

 

Which lead me to another medicine against corruption: a political system that makes it impossible for a single party to dominate the government

 

Or not allow political sponsors and that means public funding for political parties.

[Al_U_Card]

Or not allow political sponsors and that means public funding for political parties.

Political appointees. When the major portion of government spending goes into government, you get a sort of self-perpetuating process. Too many hogs at the trough? Enlarge the trough...

[nige1]

I agree with most of what Paul Gipson writes: Government is less efficient than private enterprise. Unfortunately that consideration also applies when the former negotiates a contract with the latter. So out-sourcing can be expensive. For example, the history of failed NHS IT projects spans a quarter of a century. e.g. Wessex NHS IT fiasco.

 

Nobody seems to learn from basic project-management mistakes. e.g.

• Inadequate control. You should avoid any hint of conflict of interest. You need inspiring leaders, capable of accurate documentation. Important goals are simplicity and security. Your specification should nail down everything it can. Preferably as a series of orthogonal modules that can be delivered piece-meal. Changes are inevitable, however, and you must sign-off and monitor them. You should high-light them in the original spec, so that you have a single comprehensive consistent document, from which to work. You should employ only one supplier (who may subcontract if necessary). The purchaser and supplier should appoint separate managers, authorised to negotiate quick decisions binding on both parties.
• Lack of buy-in. You need to consult end-users, initially and continuously. You should try to win their approval and support but be prepared for Luddites. You should ask them what they want and explain how you hope to help them. You should prototype user-interfaces, if possible. Typically, end-users have a better idea of how things work than their managers. Especially true in the NHS. More controversially, IMO, you must consult with customers.
• Poor communication between/among purchaser, supplier, and other concerned parties. You need to monitor/audit progress, detecting problems early, escalating concerns. If you grasp the nettle that you've encountered insurmountable problems, then you can abandon the project early, and save a lot of time and money.

[paulg]

Nobody seems to learn from basic project-management mistakes. e.g.

• Inadequate control. You should avoid any hint of conflict of interest. You need inspiring leaders, capable of accurate documentation. Important goals are simplicity and security. Your specification should nail down everything it can. Preferably as a series of orthogonal modules that can be delivered piece-meal. Changes are inevitable, however, and you must sign-off and monitor them. You should high-light them in the original spec, so that you have a single comprehensive consistent document, from which to work. You should employ only one supplier (who may subcontract if necessary). The purchaser and supplier should appoint separate managers, authorised to negotiate quick decisions binding on both parties.
• Lack of buy-in. You need to consult end-users, initially and continuously. You should try to win their approval and support but be prepared for Luddites. You should ask them what they want and explain how you hope to help them. You should prototype user-interfaces, if possible. Typically, end-users have a better idea of how things work than their managers. Especially true in the NHS. More controversially, IMO, you must consult with customers.
• Poor communication between/among purchaser, supplier, and other concerned parties. You need to monitor/audit progress, detecting problems early, escalating concerns. If you grasp the nettle that you've encountered insurmountable problems, then you can abandon the project early, and save a lot of time and money.

It is this basic and naive approach that the Government project managers try to adopt but it completely underestimates the complexity of the project. There are multiple Government departments who are stakeholders, most of whom are in competition with each other and have different goals. Some of the hospital trusts are very big, with budgets approaching £1bn, with hugely competent IT departments and developing and delivering solutions for them is very different to your local GP who unplugs their laptops and has a cleaner who switches off the wifi router at the end of each day.

 

End-users, like nurses and consultants, had little interest in supporting the project - they are people who care about patients, not IT, and there are always patients who need care and will take priority over responding to your requests for meetings about requirements. They never bought in to the benefits of the programme.

 

Then there was the conflict between the Department of Health, who basically wanted standardised IT services across the NHS to reduce cost, and the Treasury who wanted the hospitals to compete when providing patient services, again to reduce cost. For the largest hospitals, one of the few ways to compete effective was to deliver better IT services than standardised ones: so they didn't want or need the service. These hospitals were, naturally, the biggest customers and their lack of support due to incoherent government policies ensured that the project could not succeed.

 

There are very few project managers in the UK who are capable of running these mega-projects. You do not tend to find them in the civil service.

[Zelandakh]

I think credit where it is due is also worth bringing up here. One of the most successful large projects in recent times, one that has had a major impact on project management internationally, is Heathrow Terminal 5. That this happened in a government-run project was a huge surprise to everyone. An innovative approach in which the goverment effectively took on extra risk voluntarily in exchange for having more transparency and control turned out to have enormous benefits and is being taught and copied around the world. So while government-private collaborations have traditionally been a dismal failure, it does not have to be the case and there is evidence that things are improving somewhat, at least some of the time.

[paulg]

The programmes about the building of Crossrail (http://www.crossrail.co.uk/construction/) have been fascinating, showing a microcosm of the complexities of a major engineering project. Makes IT projects look simple!

[Cyberyeti]

The programmes about the building of Crossrail (http://www.crossrail.co.uk/construction/) have been fascinating, showing a microcosm of the complexities of a major engineering project. Makes IT projects look simple!

 

Did you see the one on the viaduct over the gorges du Tarn near Millau.

 

The planning stuff wasn't as difficult as crossrail, the engineering however is amazing.

[barmar]

Are you talking about TOR?

No, the SMB bug that Wannacry exploited to infect computers.

[barmar]

When you look at NHS IT, a project that I have been involved in, it is very similar. It was an immensely complex and large project, and even the smallest aspects touched so many different institutions and parts of Government. Like so many Government IT projects, it was very difficult to understand who the customer is and near to impossible to get a coherent set of requirements. The IT suppliers reflect this confusion and complexity in their prices and risk assessments, but most projects failed because the customer (whichever part of Government it was) could not meet their contractual obligations. This is government incompetence and inexperience, not corruption.

Is it incompetence, or just a project that's so large and complex that it's practically impossible to manage it well?

 

You might counter that there have been other projects that were enormously complex, but succeeded, like getting men to the moon and large infrastructure projects like subway and rail systems. But I'm not sure we can make that analogy. First, these were relatively self-contained and well-constrained. Second, they were given plenty of time for implementation (Kennedy set a goal of getting to the moon by the end of the decade, but as long as we beat the Russians we'd have been happy). In contrast, NHS IT had to deal with merging hundreds or thousands of existing systems that were never intended to be compatible with one another. Just figuring out all the competing requirements was difficult -- it had to accomodate different priorities at different levels of the organization.

[nige1]

It is this basic and naive approach that the Government project managers try to adopt but it completely underestimates the complexity of the project. There are multiple Government departments who are stakeholders, most of whom are in competition with each other and have different goals. Some of the hospital trusts are very big, with budgets approaching £1bn, with hugely competent IT departments and developing and delivering solutions for them is very different to your local GP who unplugs their laptops and has a cleaner who switches off the wifi router at the end of each day.

 

End-users, like nurses and consultants, had little interest in supporting the project - they are people who care about patients, not IT, and there are always patients who need care and will take priority over responding to your requests for meetings about requirements. They never bought in to the benefits of the programme.

 

Then there was the conflict between the Department of Health, who basically wanted standardised IT services across the NHS to reduce cost, and the Treasury who wanted the hospitals to compete when providing patient services, again to reduce cost. For the largest hospitals, one of the few ways to compete effective was to deliver better IT services than standardised ones: so they didn't want or need the service. These hospitals were, naturally, the biggest customers and their lack of support due to incoherent government policies ensured that the project could not succeed.

 

There are very few project managers in the UK who are capable of running these mega-projects. You do not tend to find them in the civil service.

Critics agree with Paulg that the top-down approach can be unsuitable for massive comprehensive IT projects for enormous sophisticated fragmented bureaucracies with convoluted festering internal politics. To commit to such an ambitious project you need adequate preparation. You must be completely satisfied that there is a reasonable prospect of successful completion. For example, in the NHS, you might, instead, decide to pilot such a project at a single hospital. Your pious hope would be to scale it up later (when/if politically feasible). That might give you time to try to tackle seemingly intractable underlying problems e.g. simplifying and stream-lining management. Yes Minister stuff :(

 

I fear, however, that incompetence is not the main reason for expensive over-runs. Every fortnight Private Eye (UK satirical magazine) draws attention to conflicts of interest, not just in NHS contract-tendering. For example, when local authorities outsource or grant planning permission. And the impression is that such cases are the tip of an iceberg.

 

As Diane Eva points out, governments also legislate to sanitize practices that most of us would regard as corrupt. e.g. MPs who accept "consultancy" roles. fail to recuse themselves, "forget" to declare an interest, and so on. During the Westminster expenses scandal, we were amazed at the leniency, with which the Inland Revenue had treated MPs.

 

A recurrent theme is that bad guys are promoted. At best, whistle-blowers lose their careers.

[barmar]

Critics agree with Paulg that the top-down approach can be unsuitable for massive comprehensive IT projects for enormous sophisticated fragmented bureaucracies with convoluted festering internal politics. To commit to such an ambitious project you need adequate preparation. You must be completely satisfied that there is a reasonable prospect of successful completion. For example, in the NHS, you might, instead, decide to pilot such a project at a single hospital. Your pious hope would be to scale it up later (when/if politically feasible). That might give you time to try to tackle seemingly intractable underlying problems e.g. simplifying and stream-lining management. Yes Minister stuff :(

That doesn't really work -- different scales require completely different designs. Something works in 1 or 2 hospitals won't necessarily work in thousands, and you can't just "scale it up".

 

Projects like this are inherently nebulous.

 

That said, I think there's a problem that governments these days are not willing to invest and spend as much as they once were. During the space race, NASA probably had practically unlimited funding, so they could hire the best people and as many as were needed. The same thing with the Manhattan Project.

 

These days, people are more distrustful of governments, and governments are also burdened with huge pension expenses. It's much harder for them to justify the cost of hiring the best people for these projects; they hire the lowest bidder, and get what they pay for. Here in the US we have Trump proposing to slash the federal budget to shreds, cutting projects and agencies left and right.

 

Again, not really incompetence, just political realities.

[paulg]

Is it incompetence, or just a project that's so large and complex that it's practically impossible to manage it well?

As an IT person who understands some of the problems, it is easy to think that major projects in other disciplines are easier but I'm pretty sure this is not the case. I'm sure a single vision is always a big help!

[nige1]

That doesn't really work -- different scales require completely different designs. Something works in 1 or 2 hospitals won't necessarily work in thousands, and you can't just "scale it up".

Simulation can help. I think Barmar exaggerates the technical problem of scaling, nowadays. Integration does imply additional functionality. I guess that the problem is mainly political -- but that can still mean it's insurmountable :(

[paulg]

Simulation can help. I think Barmar exaggerates the technical problem of scaling, nowadays. Integration does imply additional functionality. I guess that the problem is mainly political -- but that can still mean it's insurmountable :(

Although I've been critical of aspects of the project, the technical people were not completely clueless. Of course pilot projects were established and run, but scaling them was a huge issue especially when you consider how different some of the customers were. A large hospital tended to have a reasonable network infrastructure, but not one that could move x-ray images around in any volume. Some GP surgeries had a dial-up connection or slow broadband, so moving any information was problematic. Hospitals and the GPs are 'live' environments and they do not have staff available to help with pilot installations, nor do they permit any interruption to their existing (IT) services.

 

Everything proves to be far more complex than the simple picture that the politician will present. And, in the end, one of the project killers was privacy and security concerns. The idea is that your medical record is available to clinicians at hospitals and GP surgeries, so that it is available if you are in an accident away from your home area. A Scottish doctor was then caught perusing the medical records of leading politicians. Trust was lost.

 

Although the mega-project failed, improved networks and security has led to partial implementation of some services as originally envisioned.