Tag Archive for: Public Sector

“The public sector needs more dialogue and less garden-variety thinking”

Von Alessia Neuroni , Kathrin Schmidt | 0 Comments

21. January 2020/0 Comments/in E-Government EN, Interview EN /by Alessia Neuroni

In order for the public sector in Switzerland to really take off digitally, there needs to be a cultural change in which all those involved have to overcome the “garden-variety thinking” that often still prevails. Thefederal government, cantons and municipalitiesinparticular should network more closely beyond their borders, says e-government expert Alain Gut, Director of Public Affairs at IBM Switzerland. From your point of view, how has the public sector transformed over the past five years from a business perspective? Are you satisfied with today’s maturity? The public sector has improved technologically in the last five years, but only very slowly. It still takes a lot of time to get to grips with new technologies and their possible influences and then to initiate corresponding projects. One benchmark in the public sector continues to be progress in eGovernment, and Switzerland is not really making much progress in this area. In comparison with other countries, we are not necessarily getting worse, but the others are getting better. In this sense, we can’t be satisfied with the Matura either. We are years behind with important basic services such as a functioning and widespread E-ID. Although we are (still) considered an innovative country, it is difficult for the public sector to accept and implement new developments. Political framework conditions and our pronounced federal system do not help to ensure a little more flexibility and sometimes speed. When we talk about transformation: Where should the public sector go? What are the expectations of the economy? One major obstacle to transformation is certainly procurement law, which imposes very tight constraints on both the administration and the providers. This also means that larger projects take a very long time and are often in need of “renovation” by the time they are implemented. With more dialogue (this is provided for in the old as well as the new procurement law), better and more innovative solutions could certainly be found. In addition, it is absolutely essential that a cultural change takes hold in the public sector. With today’s and tomorrow’s technological possibilities and the necessity of continuous end-to-end processes, the “garden-variety thinking” of departments, directorates, divisions and offices must become a thing of the past. This requires the political will and the necessary technological understanding of the executive and an administration that, as one unit, enables its customers, the citizens and the companies, to have modern and simple interactions around the clock. How does innovation happen in the public sector? This is a question that has occupied me ever since I have been involved in the public sector, and that is quite a few years now. What are the characteristics of an innovative culture? They certainly include creativity, trust in employees and the acceptance of mistakes – in other words, you have to be prepared to take risks – and a distinct and transparent communication behaviour. It is certainly not presumptuous to claim that these are not the distinctive behavioural characteristics of an administration. Moreover, procurement law almost does not allow the public sector to conduct pilot projects or tests together with suppliers. On the one hand, the administration wants to avoid invitations to tender for this, if possible, and on the other hand, providers do not want to expose themselves to a preliminary consultation and contribute know-how without being able to count on a corresponding contract. Innovation therefore needs an appropriate cultural environment and framework conditions that allow for innovative ideas. The OECD has developed a framework that summarises the problem very well: People, Knowledge, Ways of working, Rules and processes. On 20 November 2019, the Federal Council adopted the eGovernment Strategy Switzerland 2020-2023. The binding regulation of cooperation between the Confederation, cantons and municipalities is emphasised in this strategy. In this context, the final report of the “Digital Administration” project of the FDF and the CCC, which was published at the end of October, mentions three variants, according to which the third variant is the establishment of an authority that would be responsible primarily for transversal matters. Whatdo you think of the proposed models? It is gratifying that it has been recognised at all levels that a change in strategy is needed in the area of eGovernment and digital administration in order to be able to master the technological challenges. The proposed models are a typical Swiss compromise. Actually, everyone wants the best, third variant, but they are aware that in our federal system the necessary (legal) framework makes this (almost) impossible and takes a lot of time. The pressure for a nationally coordinated solution is probably also too low; our administrative apparatus still functions too well for that. The police forces also have a comparable project with HPi (Harmonisation of Swiss Police IT). After eight years, the results achieved are manageable and many hurdles of an organisational, legal and project-related nature had to be overcome. The “Digital Administration” project is about governance and cooperation. Should we urgently put other aspects on the agenda? The “Digital Administration” project covers the most important areas such as strategy, standards, innovation, services and networking very well. As always, it is not the strategy itself that matters, but how the strategy can be implemented. In principle, it is understandable that the Confederation, the cantons and the municipalities see themselves as responsible. That is certainly right. It would be desirable if there were more cooperation with the economy and science. Whether this takes place in the form of PPPs (Public Private Partnerships) or in working groups is secondary. What is important is the exchange of ideas and possibilities, working together to find the best solutions and the broad anchoring of results at all levels of government, especially among the population. We have invested a lot in projects and services in recent years. Brussels gives us bad marks because we are lagging behind in an international comparison in the area of basic services (cf. EU benchmark 2019). Which basic services should be prioritised? What is planned in concrete terms? Where do you see the challenges? Certainly, electronic identity, digital mail (electronic sending of documents and information between the state and the population/companies), eDocuments (documents can be securely downloaded and uploaded) and authentic sources (authorities fill out forms with known data in advance) should be prioritised. The basis of all this, however, is the electronic identity. It is in itself a prerequisite for all official processes. Switzerland’s new eGovernment strategy provides for corresponding measures in the area of basic services and infrastructure. Standards and interfaces must be created for this purpose. Without these, identity, access and data management can hardly be implemented. The Confederation, cantons and municipalities are challenged here. However, it must always be borne in mind that Switzerland is not on an island. The interfaces must also enable electronic exchange with other countries, especially from the EU. A referendum is likely to be held against the E-ID bill. Opponents of the bill believe that proof of identity is a sovereign task that cannot be left to the economy. Is this basically a question of trust or rather the role of the state in the digital age? It is about both. The state must in itself be able to offer an electronic identity. Why it does not want to do this under the new E-ID law is a matter in itself. The idea is that the state will check the identity and that the solution itself will be provided by third parties. Whether the state can be forced to do this by a possible referendum remains to be seen. Nor is this an ideal starting position and would delay the introduction of electronic identity by years. More important than who issues it is that the solution fulfils the necessary “blindness”, i.e. that no one – not even the issuer of the E-ID – can see who has carried out a transaction with whom. This is the prerequisite for trust in the electronic identity. The role of the state in the digital age is an exciting and still unresolved question and will require an intensive dialogue between the state, the population, companies and, above all, politics. At a panel discussion at the2019 networking event “Digital Administration for the Benefit of All”, Michel Huissoud, Director of the Federal Audit Office , proposed taking a constitutional initiative to redesign the administration of basic registers.Would this be the right approach to launch the public discourse on the topic of data policy? A constitutional initiative would certainly be one way to launch a broad discussion on the topic of data policy. However, there are already some efforts to raise awareness about the handling of data and to bring it onto the political stage. Open government data, data governance, data portability and Swiss Data Space are just some of the terms that are relevant in the context of a data policy. For Europe, IBM has developed such a vision for the year 2024 – “For a responsible, open and inclusive digital Europe”. An accepted data policy is necessary not only for eGovernment, but also for initiatives such as eHealth or eMobility. Open data as the new raw material not only of digital administration, legal requirements and framework conditions that make Switzerland an attractive data location must be the goals of data policy. After the major scandals involving social media platforms that spread dangerous information and misuse personal data to an unprecedented extent, there is in itself a high degree of sensitivity to the topic of data. But here, too, the administration, the economy, science and politics are needed. Only together can a data policy be established. In your opinion, which topics should be included in the political discourse? Is the Swiss public sector ready for artificial intelligence? Basically, the public sector should deal with all new technologies. Whether blockchain, artificial intelligence, quantum computing or hybrid clouds, they will all influence the public sector. However, it will be necessary for the public sector to integrate both the traditional and the new systems. This requires both business expertise and knowledge of new technologies. It is actually not only a matter of “integrating” them with each other, but also of transferring them into each other. A culture of agility and innovation is becoming increasingly important. Understanding an administrative process and how technology can be embedded in that process will be the key factor for the future success of the public sector. In this sense, people are also not (yet) ready for a concrete use of artificial intelligence. And here, too, it is important to keep regulation in check. The Federal Chancellery (with NZZLibro) has just issueda publication on Switzerland 2030 :What does digital administration look like in 2030? And based on that: What are the next steps? There are only ten years left for digital administration 2030. That is very little time for the administration. However, if we succeed in implementing all strategies – such as the eGovernment Strategy or the Digital Administration Strategy – as planned, Switzerland will certainly be in a better position than it is today. However, there is a great danger that we will not succeed in introducing new technologies, such as 5G, in time. The Confederation has an important role to play here in sensitising the population in advance and preparing the relevant information. Digitalisation is increasingly becoming the driving force for innovation in the economy and society. It is necessary to proactively seize the opportunities of this transformation in order to position Switzerland as an innovative and competitive business location in the future. It is therefore important that employees in the public sector – regardless of whether they are men or women – are given new perspectives and are appropriately empowered for the new jobs and skills. Let’s see digitalisation as an opportunity – also for the public sector!

About the person

Dr Alain Gut is Director of Public Affairs at IBM Switzerland. He is involved in numerous commissions and committees on the topics of education and IT, cyber security, mobility and data policy.

Create PDF

None found

E-Government EN,Professional Contribution EN

Use of mobile identity solutions within the framework of electronic ID

Von Pascal Müller , Lorena Wehner , Katinka Weissenfeld | 0 Comments

26. April 2019/0 Comments/in E-Government EN, Professional Contribution EN /by Pascal Müller

The need for a digital means of identification is growing. In Switzerland, electronic identity (eID) is regulated by the eID Act and provides, for example, for a division of tasks between the state and the authorities. The question therefore arises to what extent a mobile device can support identity verification, regardless of whether one actually uses a service via smartphone or the device is only used for identification and authentication. While the challenges regarding security and data protection are becoming increasingly greater in the age of Big Data, the need for an identity solution with a high level of user-friendliness is becoming more and more important. At the European level, the establishment of a digital single market is being driven forward. Switzerland, for its part, has adopted the “Digital Switzerland” strategy. Both developments require the realisation of a trustworthy electronic identity to authenticate companies and individuals for electronic transactions with authorities. However, the successful implementation and the associated acceptance of electronic identity solutions depends very much on how user-friendly and simple such a solution is perceived to be.

Identification with the smartphone

One identity solution that is perceived to be highly user-friendly is identification via mobile devices such as the smartphone. However, the security and data protection aspects for such mobile identity solutions have not yet been conclusively clarified for Switzerland. Particularly for transactions with sensitive data, mobile identity solutions are not yet widespread in Switzerland. Mobile identity solutions are also rarely used for e-government services. In general, the demands that citizens place on eGovernment services are very high. On the one hand, the protection of privacy must be guaranteed, and on the other hand, it should be possible to use the services around the clock, regardless of the device. Obtaining services and carrying out transactions via smartphone or tablet are now commonplace for many citizens. The MobileID mobile identity solution that exists in Switzerland is operated by Swisscom, Salt and Sunrise and, in contrast to the electronic identity (eID), uses not only the internet but also the radio network of the three companies. To obtain the MobileID in Switzerland, it is necessary to obtain a PKI-enabled SIM card and own a smartphone. Other possible and existing forms of mID abroad are chip-based (Sweden) and blockchain-based (Slovenia and Canada) mIDs. MobileID is only used sporadically in Switzerland (e.g. PostFinance), but for e-government services the question arises for which services and in what form the mobile device can and should support identity verification.

Already widespread abroad

A look at the administration abroad shows that electronic identity solutions go beyond chip cards and USB sticks and that successful integrations with smartphones do exist. The following solution elements can be found in the mobile identity solutions that exist on the market so far:

Federated identity: A Mobile ID (mID) is able to be used in different IT systems and websites.
Two-factor authentication: A mobile device such as a smartphone can be used as a second factor for authentication. This second factor can consist of either knowledge, possession or characteristics. In terms of mobile devices, this means that possession of a SIM card and/or a smartphone represents a second factor.
Mobile digital signature: SIM cards are able to use cryptographic operations. Here, a Wireless Public Key Infrastructure (WPKI) is set up, through which the user receives a digital certificate via SIM card, which he can then use several times and at different websites. It is also possible to make a digital signature legally equivalent to a physical signature.

In Finland there are over 300 services where the so-called mID is applied. In the area of social insurance, healthcare, but also as a state-recognised signature, the mID is used intensively in Finland. According to Finnish law, mobile signatures are legally equivalent to physical signatures.

Figure: Process of mID use in Moldova (Source: Moldovan government, 2014)

In Moldova, an mID solution has already been in use since 2012. Registration takes place within 15 minutes and the solution is based on strong authentication. Especially in the business-to-government sector, mID is used, but also in areas of tax returns and social insurance. Around a quarter of social security forms are verified by mID in Moldova, for example.

Identification via SIM card

In Estonia, too, mID is based on the SIM card. The certificate is always valid for three years and must then be replaced. Electronic signature and mobile authentication are based on PKI SIM cards. Almost all online service providers in the public and private sectors in Estonia accept the mID as a solution for identification and authentication. Thus, the mID is used almost everywhere in Estonia, i.e. for example for vehicle registration, driver’s licence registration, healthcare, social security, as a state-approved signature, tax declaration, business registration and elections. These examples of mobile identity solutions are almost all implemented on the basis of PKI-enabled SIM cards. However, mobile identity solutions have only gradually developed into a viable solution thanks to pioneering efforts and certain failures. It is striking that in each of the countries studied, as in Switzerland, there is only one mobile identity solution. The success factor is always the nationwide cooperation between the authorities and telecommunications companies. In addition, the support of the private sector and a high number of usable services from the public and private sectors are crucial.

Moldova creates smart applications without eID

In Switzerland, there are only a small number of business cases so far, which is why a mobile identity solution currently offers little added value for identification and authentication with a mobile identity solution. However, the foreign examples also show that the use, for example, for vehicle and driver’s licence registration is not complex and at the same time offers a very large added value for user-friendliness. Countries like Estonia show what could potentially be done with a mobile identity solution by using mID in almost all areas. Moldova also demonstrates that no eID is needed at all if the mobile identity solution is supported by all stakeholders. If the success factors of the leading countries are extrapolated to Switzerland, it can be stated that the cooperation of all telecommunication companies has already taken place and therefore a good basis has been laid. The telecommunication companies are state-certified Identity Providers (IdPs), which already carry out identity checks on citizens when they obtain an ordinary SIM card. However, as the success of a mobile identity solution depends on the number of usable services in the private and public sector, federalism seems to be a particular obstacle with regard to interoperability in the public sector, and this disadvantage also applies to the eID. Cantons would have to harmonise services related to the implementation of MobileID use in order to benefit from the positive synergy effects.

References

Estonian Government (1 April 2017). Using mobile ID. Retrieved 9 September 2018 from Id.ee: https://www.id.ee/index.php?id=36884 Gemalto (16 December 2014). White Paper National Mobile ID schemes – Learning from today’s best practices. (Gemalto, ed.) Retrieved 28 August 2018 from Gemalto Government Programs: http://www.id-world-magazine.com/wp-content/uploads/WP-Gemalto-MobileID-overview-EN.pdf Gemalto (2018). Expand your national identity system. Retrieved 17 October 2018 from Gemalto Mobile ID: https://www.gemalto.com/govt/coesys/mobile-id GSMA (11 July 2013). Finnish Mobile ID: A Lesson in Interoperability – An Executive Summary. Retrieved 28 August 2018 from GSMA: https://www.gsma.com/identity/wp-content/uploads/2013/07/SC_GSM_288_Finland-Mobile-ID-executive-summary-100713-v4.pdf Moldovan Government. (14 October 2014). Case Study. Retrieved 29 August 2018 from eGov Moldova: www.egov.md/ro/file/3695/download?token=7fnIFJzO