April 7, 2013 By Bill Schrier
A long, long time ago in a galaxy – well, actually, a City – far away, I was a police officer - a street cop. I witnessed some of the most horrific episodes of my life as I came upon scenes of automobile collisions with gruesome injuries. I also wrote my share of speeding tickets (and no, I did not have a quota!) and arrested a fair number of drunk drivers.
New technology, however, heralds the potential for an end to automobile collisions, speeding tickets, drunk driving and even most traffic management. Gee, there’s even the possibility that the traffic jam may be relegated to the dustbin of history (along with the dustbin itself, I might add).
A combination of technologies is maturing which foretells such a future.
The first one, of course, is the driverless car. Google has been at the forefront of prototyping that vehicle, to the point where California and Nevada have both passed laws explicitly allowing such vehicles on their roads. Beyond Google, most of the major automobile manufacturersare also testing driverless vehicles. And it’s only a matter of time before such vehicles are regularly driving our roads.
Next, we are seeing the appearance of the “vehicle area network” and “networked vehicles”.
I just purchased a new 2013 Toyota Prius C (and then promptly crashed it in a minor accident – subject matter for a different blog post). When I plugged my iPhone into the Prius to charge it, the Prius recognized the iPhone and linked to it, and offered the ability to use the iPhone’s cellular connection to link the Prius’ own touchscreen display, maps and apps to the wider world. Toyota also has an “entune” appfor this purpose.
We’ll see much more of this in the future – where cars are linked to the Internet. BMW already connects most of its vehicles worldwide to collect performance data via Teleservices. GM’s Onstar has been around for a number of years. Insurance companies are starting to offer discounts for good drivers who consent to put a monitoring devicein their vehicle to sense sudden starts and stops, speeding, and other actions which may be dangerous (or at least insurance companies think are dangerous).
Future vehicles will have networks which link the vehicle to all your personal devices – keys, smart phone, tablets, DVD players and more, to keep you “connected” and in control on the highway.
Furthermore, cars will talk to each other. They could exchange location information, proximity information, directional information and much more. In this fashion cars might be able to avoid each other or allow for smooth lane changes and turns without colliding.
A related development is the instrumentation of the highway.
I had the privilege of working with the Seattle Transportation Department, which was at the forefront of intelligent transportation systems (ITS), when I was City CTO there. Today ITS means, for the most part, traffic sensing and detection devices to time traffic signals, extensive networks of traffic cameras linked with fiber cable, readerboards on streets, and some novel technologies like traffic time estimators and displays. Mobile apps are all the rage, of course, to display traffic conditions. Seattle just launched an amazing mobile app which actually shows live video from traffic cams on your smartphone.
Indeed, the City of Los Angeles just became the first major City worldwide to automate all of its 4,500 traffic signals, synchronizing them. That will reduce travel times somewhat, although our experience with expansion of capacity (e.g. building new freeways or widening them) is just that more traffic is generated.
But sensors and instrumentation can be taken a step further.
Almost everything in the roadway could, of course, be instrumented – sensors in guard rails, school crosswalks, stop signs, bridges. Such sensors might not only collect information but also broadcast it to traffic management centers or, indeed, nearby vehicles.
Your car would know when you are approaching a stop sign and automagically apply the brakes – gee, the “California stop” might become thing of the past. As you approached a school zone during school hours, your car would automatically slow to no faster than the allowable speed. Radars or sensors in the vehicle would detect the presence of children and stop for them – indeed, if every child was somehow sensor-equipped, they might never be struck by cars whose intelligent management systems would automatically avoid them. (And no, I am NOT going to discuss the potential for placing microchips in human beings, although some sort of sensor attached as a smart phone or bracelet or watch DOES have its advantages!)
And you can see where this is leading – as cars become more “intelligent” with their own networks and sensors, and roads become more “intelligent” with their own sensors, networks and computers, the need for human drivers may become irrelevant.
Speeding tickets, collisions, accident investigations, even automobile deaths might become history.
This, of course, has many implications for local and state governments:
I don’t expect to see this traffic "nirvana" anytime soon. But I clearly see it on the horizon. Yes, there will be a lot of disruption and both loss of jobs and creation of new, unknown ones.
But I welcome the day when grandparents are not killed and ripped from their families by drunk drivers. I hope to see over 36,000 Americans saved from needless death and 3.9 million from injury at the hands of automobiles and their drivers.
March 10, 2013 By Bill Schrier
"The Department of No". "The Geeks in the Basement". "Expensive Projects, Always Late".
Increasingly, many IT departments – and their CIOs – are becoming irrelevant to the business of government.
Peter Hinssen is a visiting lecturer at London Business School and a senior industry fellow at the University of California Irvine's School of Business. He recently wrote a provocative article on this subject, focused on CIOs and IT departments in the commercial sector.
But, as I thought about it, many of the same criticisms apply to government CIOs and my own experience as a City CIO.
Perhaps we can really trace IT department irrelevance back to smart phones. I remember when I was approached by Seattle’s Police Chief and Human Services Department director in about 2004 regarding BlackBerrys. As those City business leaders attended conferences, they saw their counterparts doing email on their cell phones. "Bill, why can’t we do the same?"
Luckily I was smart enough to investigate RIM and lucky enough that RIM (now branded BlackBerry) had a robust enterprise solution which catered to my IT department. We quickly put up a BlackBerry Enterprise Server (BES) and at last count more than 1000 BlackBerrys powered by Sprint and Verizon were in use by City of Seattle employees.
I wasn’t unique, of course – most CIOs and IT departments embraced BlackBerrys.
The problem of course, is that danged fruit company, Apple. They launched the iPhone about six years ago and the iPad a couple years later. Apple didn’t give a dang about Enterprises. It's "their way or the BlackBerry way". No management software for IT departments. Most IT departments resisted the iPhone and iPad trend citing security, public records act, and lack of manageability. But City and County employees quickly embraced them.
Suddenly, the IT department was irrelevant. I've blogged about this before, especially when Seattle elected a new Mayor, Mike McGinn, in 2009, and he and his staff brought iPhones to work and said "hook us up". But we see this trend in many other things.
You want a constituent relationship management system? Salesforce can be up in a day for a few thousand bucks (depending on number of users. Installing a CRM in the traditional manner, especially with RFP and customization, takes 18 months and hundreds of thousands of dollars.
You want to share files? You can install and customize sharepoint, which works pretty well, or go with any one of a number of document management systems. Again, 6 to 18 months, hundreds of thousands or millions of dollars. But Dropbox or Box.com can be up and working in minutes.
You need to spin up a few dozen servers and a couple terrabytes of storage quickly to support an election application or another urgent need? You can spend hundreds of thousands of dollars and months buying and installing equipment, then configuring and patching it, or you can go contract platform-as-a-service from Microsoft Azure or Amazon Web services or others.
You need office software like word processing, spreadsheet and an email client? You can spend five million dollars and three years justifying budget, planning, installing and training users (like we did at the City of Seattle), or you can go contract for Microsoft Office 365 in the cloud or Google Apps and have it up in weeks. (In fairness to the City, we did our email/Office project before cloud services for Office products were widely available.)
I talked to a CIO last week who thankfully stopped the deployment of over 10,000 desk telephones in her organization. Desk telephones a tiny little window for displaying information and without video conferencing, presence or most other features found on even low-end cell phones these days.
Traditional IT folks will point to a variety of problems with my examples, of course – the cloud-based systems have security issues and they are not robust (supporting thousands of users). And they are not configurable to the unique requirements of a city, county or state government – although I’m convinced most of the "unique requirements" are actually just job security for those employees rather than true "requirements". That’s the subject for a future blog post.
Ok, I’ve made my point about infrastructure. It's a commodity. It’s easily purchased on the outside. This is one problem. Here’s the greater one: while CIOs and IT departments spend their time on software and services like those above, there are a ton of unmet needs. And, frankly, line-of-business departments are now tech saavy enough (thanks again to smartphones, tablet computers, and downloadable apps or software as a service), that they can go contract to meet these needs directly, by-passing the IT department. Here are a few examples:
Is there a way out of this hell and dead-end of irrelevance for the Government CIO? I think there may be, with the trend we’re seeing for Chief Innovation Officers and Chief Digital Officers. I’ll blog about that in the near future.
In the meantime, I’m going back to configuring my server!
February 4, 2013 By Bill Schrier
The New York Times had the audacity to research and write a story critical of Chinese Prime Minister Wen Jiabao’s family. In return for its journalism, the Chinese government apparently unleashed a four-month long hacker attack against the Times stealing, among other data, every one of its employees’ passwords. This effort was apparently searching for the sources for the story. Ars Technica has a short, frightening, account of the hack.
And, of course, the Chinese government succeeded – would people crticial of the regime dare to talk to the New York Times now, knowing its technology can be hacked?
There are many related and frightening stories – the Wall Street Journal was attacked, a power station in the United States has been offline for three weeks due to an attack based on a USB drive, and, of course, Anonymous (or someone) has been hard at work with denial of service and web defacing attacks on banks and government agencies. Could a City, County or State government be subject to a similar attack?
A few years ago, when I was CIO in Seattle, I would have dismissed the notion out of hand.
A City government does not hold the secrets to making a nuclear weapon in its digital vaults, nor do cities have active networks of foreign spies (with the possible exception of my friends in the Big Apple) whose identity needs to be uncovered by foreign powers.
Today I feel exactly the opposite.
Cyberwar is real. Cyberwar is happening today, even as I’m writing this. And the New York Times attack is only the latest. The evidence is everywhere. Nation-states (and perhaps others) are creating malware with the express purpose of attacking other nations or private company. Stuxnet is one example, as is the malware which fried 30,000 computers at ARAMCO in Saudi Arabia. Many governments have been compromised with malware to steal money from their accounts by stealing finance officers passwords.
Why would anyone – other than a criminal botnet out to hack finances and bank accounts – target a City or County or State government?
The New York Times attack highlights the reasons clearly.
Suppose a Mayor or Governor publicly opposed allow trainloads of coal to pass through their city or state, in order to be loaded onto ships, sent to China, and used to power the Chinese electrical grid. Wouldn’t such opposition essentially constitute economic warfare and potentially provoke a cyber response?
Suppose a Mayor or County Executive, hoping to combat a rash of gun violence, initiates programs for a network of video surveillance cameras and gunshot detection technology (read: microphones) in a City. Could that provoke Anonymous or a similar organization?
Defacing a City or County website is bad. Stealing taxpayer money from government bank accounts is worse. Compromising SCADA systems to shut down a water supply or electric grid is dangerous. But we haven’t yet seen the worst potential attacks, such as bringing down a 911 telephone network or freezing a police or fire computer-aided dispatch system or perhaps crashing a public safety radio network.
And these overt acts pale by comparison to covert actions which may be occurring undetected – systematically compromising and falsifying utility bills, or hacking into and changing criminal and court records. We have no evidence such covert acts have ever occurred, but given the myriad of different levels of government and many repositories for the information, such databases must represent a juicy and lucrative target for criminal networks, Anonymous and even nation states. All these potential threats indicate cities, counties and states cannot be complacent, but rather need active cyber security programs, preferably in cooperation with other agencies.
Yes, Dorothy, a City could be hacked to its knees. Worse yet, it might not be discovered for months or even years after the act.
January 3, 2013 By Bill Schrier
Although Congress continues to put off really dealing with the so-called "Fiscal Cliff", the budget deficit, and a host of related issues (at least as of this writing), in the last week of 2012 both Republicans and Democrats agreed to extend FISA – the "warrantless wiretapping" law. FISA – really the "FISA Amendments Act" - essentially allows the federal government to eavesdrop on email and other communications without a warrant. The Senate even rejected amendments which would require some transparency in the process, such as revealing how many Americans are monitored in this fashion. This same law also gives telecommunications carriers blanket immunity when they turn over records or allow wiretapping of citizens.
On a slightly different issue, the National Rifle Association is reiterating its adamant opposition to the banning of assault weapons or other restrictions on the purchase and ownership of guns, despite the death of 20 young children to gunfire in Newtown. The NRA supports, however, a national registry of the mentally ill. And, of course, the Gun Control Act of 1968 prohibits gun sales to individuals who have been committed to a mental institution or "adjudicated as a mental defective." Because individual states have a wide variety of laws (or lack of them) which implement this provision, it has few teeth, hence the NRA’s call for the registry.
Recent advances in technology promise unprecedented ability to further monitor and pry into the private lives of citizens. The law is still murky about the GPS information in your cell phone, but some courts have ruled a warrant is not required for law enforcement to obtain it. Congress also approved a new law in 2012 which allows commercial pilotless aerial vehicles ("drones") to populate our skies. And technology is being developed to allow your TV to monitor your viewing habits, perhaps even via a camera which watches YOU and is embedded in the TV. This information could be reported back to advertisers and others for further targeting you as a consumer. Given the FISA extension (which protects telecommunications carriers who turn over information to the government), such data might also be available to government authorities. (More detail on drones, phones and TV monitoring here.)
Let’s add these new technologies to many which already exist – a proliferation of video surveillance cameras in both private and public hands for example, as well as a massive library of video and still images collected on sites such as Flikr, Facebook, Pinterest and YouTube. Most such sites encourage "tagging" of individuals by name in the images. Many private companies are developing facial recognition technology to allow these "tags" to proliferate to images across the Internet. Governments are also building facial recognition technologies and applying them at least to mug shot databases of criminals or suspects. License plate recognition (LPR) is now widely used by transportation and law enforcement. Indeed, between LPR and facial recognition, there might very well be a time when anonymity is essentially dead – whenever you leave your house your whereabouts will be known, tracked and entered into either a public or private database.
Add to all this the explosion of "big data" and "data analytics" such as the Domain Awareness System (DAS) developed by Microsoft for the New York City police department. DAS and similar technologies promise an unprecedented ability to analyze a vast variety of information about criminals – and citizens – to build a profile of each and every individual in the nation.
Now let’s circle back to the NRA.
At first thought, the idea of a national database of the mentally ill – who would then be prevented from at least purchasing and, perhaps, owning, weapons – seems an attractive thought. Clearly anyone who would brutally kill 20 first-graders – or murder a dozen theater-goers in Aurora – is mentally ill. Yet neither Adam Lanza or James Holmes were diagnosed prior to their acts. In retrospect, almost all perpetrators of large-scale massacres show signs of mental illness, but are rarely diagnosed before the crime. Some would argue that most cold-blooded murderers (as opposed to those who commit murder in a fit of passion or rage, or under the influence of a drug), are mentally ill.
How do we determine who is mentally ill, and therefore goes into the national database, and is then prevented from buying or owning guns? Ultra conservative groups like the NRA, who would never support government officials registering weapons, are, apparently, more than willing to allow deep violations of privacy to determine if a person is mentally ill. Do we need to build that nationwide profile of every single person living in United States (or perhaps the world), looking for those tell-tale signs of a killer? Do we need to put those cameras on every TV in every house? Do we need to wiretap and analyze every telephone or Skype conversation? And do we then use our business intelligence and big data analytics to create those profiles?
What’s amazing is not the potential for building such a database, but how far we’ve already allowed it in law, with FISA and the FISA Amendments Act and the Patriot Act and the use of our present technology. Even more amazing, is the ability of the far right and the far left, the liberals and conservatives, Obama and Boehner, Republicans and Democrats, all to sign on and support it.
We go willingly into this deep, dark night.
December 10, 2012 By Bill Schrier
I've worked as a public sector employee and a manager of government technology workers for three decades. While public sector workers share many attributes and work attitudes with their private sector counterparts, there are also some things unique to public sector employment. In writing this, I was inspired by two recent blog posts by Steve Radick including "Ten Things You Should be Saying to Your Boss."
First, government is, in the minds of many people, synonymous with bureaucracy. I've blogged about this before, but all large organizations, public or private, are painted with the bureaucracy brush. The bigger the organization, the more bureaucracy – and this applies to banks, manufacturing companies, the software industry and, well, everything where there are at least two people working together.
What should public employees be saying to their CIO bosses? When I was a CIO in a large City government, what should my folks have been telling me? And again, thanks Steve Radick for the inspiration for many of these. www.steveradick.com
1. "Don't worry about it – I got it." It is really great when, as a manager, I know an employee is going to handle something – take care of it, keep people informed and get the job done. Erin Devoto, my deputy at the City of Seattle and now the acting Chief Technology Officer (CTO) there, is a living, breathing, example of this. She took so many projects and drove forward to make sure they were accomplished.
2. "Here's a problem - here's what I'd recommend and why." Some of my worst experiences as a public sector manager were "monkey transfers". That’s where an employee recognized a problem or potential issue, brought it to my attention and then walked out of the office – transferred the monkey from her/his back to mine. But some of my best experiences were when employees recognized an issue, worked with their team to brainstorm some potential courses of action, and laid them out for a decision. Usually those employees, after the decision was made, walked out of the office saying #1 above – "I'll handle it". What a relief. I'm going to especially call out Mr. Stan Wu at the City of Seattle on this one, as he did this many times for me on projects ranging from fiber optic networks to radio networks and others.
3. "What can I do to help?" There are few better experiences for anyone – employee or boss – than being faced with a difficult situation, and having the team come together to figure out a solution and implement it. Willingness to proactively help address issues or problems – not waiting to be tasked with an assignment, is a hallmark of a great employee.
4. "Playing the 'Angel's Advocate' ..." I've been in so many meetings which go on and on as employees raise one potential issue after another with a proposed course of action or an idea. I used to cringe when someone said "Playing the Devil's Advocate …" and then went on to describe some low probability stupid scenario about how a course of action might fail. It's almost like the employees had a pool or a bet on who could come up with the most issues or the most unlikely scenarios to kill the plan. Give me an "Angel's Advocate" – a proponent – any day of the week. And if it is a legitimate issue or problem with the idea, suggest a way to mitigate it (see #2 above).
5. "I just read/watched/heard … and it got me thinking that…" As the boss, I love new ideas, and with all the changes in technology we've seen in the last 20 years, such ideas abound. In government it is relatively easy to find ideas which haven't been tried – usually private sector companies are first to adopt new technologies such as online services or mobile applications. Figuring out creative ways to use those in the government's service to constituents is something every employee can do.
6. "This idea has some risks, here they are, but I’d like to try doing it … " Government employees are notoriously risk adverse. I never quite understood that – most are protected by civil service or seniority rules or union bargaining agreements. Perhaps the risk aversion rises from fear of a newspaper headline or wasting taxpayer money. Frankly, I think bad bosses have a role to play too – ones who steal ideas for themselves or have a negative attitude about anything new. In any case, an employee who is willing to risk their reputation on an innovative solution can be a breath of fresh air.
7. "You know how we've been doing X? Why do we do it that way?" This one needs little explanation. We call it "paving the cowpath" when we apply technology or automate some business process without examining how to improve the process itself. Whether it be procurement or personnel actions or decision making or delivering a service, we should always look at the process first. This is even more important in government organizations where culture can be hard to change and existing business processes have very deep roots. No amount of technology or automation will materially improve an outmoded process.
8. "How am I doing?" Frankly, I used to cringe at employees who asked me this. Giving feedback – and honest feedback – is hard. Many employees don't want to hear bad news and many bosses don’t want to give it. But regular sessions of feedback are much more important than formal performance evaluations. And, of course, the flip side of this coin is willingness to accept that feedback, including #9 below. And employees don't need to wait for the boss to initiate such conversations.
9. "Here's what I learned and how I'll do it better next time". It is hard for many bosses to give feedback to employees on performance. It's much easier if the employee recognizes their own strengths and weaknesses and proactively brings them forward for discussion. This requires, of course, a high level of self-awareness, which is difficult for many people. (I had a long-standing employee who was totally delusional about his technical skills and abilities.) Going through post-mortems on projects and honest self-evaluation is important, and then vetting it with the boss is, again, more important than formal performance evaluations.
10. "Here's how I feel about that … " It takes a lot of guts for an employee to come forward to his/her supervisor, manager or director and give their honest opinion. The other side of this coin is that your opinion should be well considered and logical, not just some unsupported personal opinion. And it should be YOUR opinion, as an employee. I hated it when an employee said "And everyone else feels this way too". Oh yeah? Where are they at? And who appointed you as the spokesperson? Of course, some supervisors don't want to hear what their employees have to say, which is a subject for a different blog post.
11. "Yes, Boss, sometimes I know you'll move my cheese … " Change is a constant in any technology organization, or, indeed, any organization which uses technology at all. Whole industries are undergoing upheaval – just ask anyone in the newspaper, photography or land-line telephone business. Employees need to expect change, even in government, and sometimes it won’t be an improvement. But, conversely, the boss needs to explain the changes and the rationale for them.
And speaking of bosses, just like with Steve Radick's columns, my next blog post will be about what the CIO or boss should be saying to Public Sector Employees.