Risk Factor iconRisk Factor

Cost Overruns Plague UK Public Sector IT Projects

ComputerWeekly reports that a study published by the European Services Strategy Unit claims that the majority of the 105 outsourced public sector Information and Communication Technology (ICT) projects they looked into had significant cost overruns, delays and or terminations. The 105 projects had a total contract value of £29.5 billion with cost overruns totaling £9.0 billion. Within these 105 projects, 57% of contracts experienced cost overruns with the average percentage cost overrun being 30.5%. Some 33% of contracts suffered major delays while 30% of contracts were terminated.

One reason for the problems encountered was that public sector officials often only focus on the procurement stage of projects, without considering the cost of implementation and training, while another was that the private sector contractors overstate their ability to deliver and underestimate the complexity of public service provision.

One more study to add to the dozens of others all depressingly finding the same thing.

Snooping at the IRS


The Wall Street Journal (WSJ) reported a few days ago that there has been an increase in the number of Internal Revenue Service (IRS) employees illegally looking at confidential taxpayer info. As the WSJ says, "Although the number of browsing cases is tiny compared with the IRS's overall work force, the number went up in the latest year. Officials at the Treasury Inspector General for Tax Administration, or TIGTA, say they opened 521 investigations in fiscal 2007, up from 448 the prior year -- and the highest since a 1998 taxpayer-privacy law was enacted."

"During the latest year, there were 219 "adverse administrative actions" against IRS workers, including firings and suspensions, a TIGTA official says. That's up sharply from 104 such actions the prior year."

No word from the UK on the number of HM Revenue & Custom employees who have been caught snooping on UK taxpayers.

Seattle Bus Tunnel Computer Still Out

Seattle's newly renovated downtown bus tunnel will remain closed through Friday (UPDATE: now Monday, 24 December; UPDATE 2: Make that 26 December; UPDATE 3: Make that until further notice; UPDATE: Opens on 27 December.) due to a computer malfunction, reports the Seattle Times.

According to the Times story, "Sound Transit, which recently led a tunnel-retrofit project, found suspected flaws in two or three circuit boards and will also replace five or six similar boards, said its light-rail director, Ahmad Fazel. Replacement boards were being flown to Seattle Wednesday night, he said."

"Fazel said the Seattle tunnel controls include a backup mode. But, he said, the flawed circuit boards were staying "on" even after they failed, disrupting the backup program, he said. Manual controls exist at each of the tunnel's five stations, but without the computer system, the stations would not be united, he said."

Updates on AMT, DC Tax Fraud & UK ID Messes


A few updates on a couple of earlier blogs.

Well, first, Congress has passed an Alternative Minimum Tax (AMT) patch for one year. However, Treasury Secretary Henry Paulson Jr. said that tax refunds will still likely be delayed because Internal Revenue Service (IRS) computers need to be reprogrammed - guesses are a best case three week delay, seven weeks for the expected case, and a worst case scenario of ten weeks. But because the patch expires at the end of 2008, we get to go through this all over again next year.

A new story in the Washington Post indicates that the DC tax scam may have started in 1990. So now the scam looks like it has been going on for possibly seventeen years, instead of the nine years last believed, which was an update from seven years which itself was a revision of the three year time frame first thought. No one now is even hazarding a guess about how much money was pilfered.

Finally, the London Telegraph reported today that "details of thousands of doctors, including religious beliefs and sexual orientation" were available to anyone logging on to the Medical Training Application Service site. Given almost the daily disclosures, one wonders how many more data breaches exist throughout UK government organizations.

The Telegraph also reported this week that "Sir Gus O'Donnell, the Cabinet Secretary, has advised ministers to toughen the penalties for improper disclosure of personal data after reviewing the way Whitehall departments deal with sensitive information." The penalties suggested includes jail time for civil servants.

Big IT Troubles at DHS


In the first of a three-part series on the Department of Homeland Security (DHS), BusinessWeek notes that some $3 billion in DHS information technology contracts, "accounting for 60% of the agency's 2008 IT budget, are underperformingâ''whether because they're behind schedule, over budget, or lack a qualified project manager or definable parameters. In dollar terms, Homeland Security accounts for about half of the troubled government IT projects tracked by the Office of Management & Budget (OMB)."

The article goes on to quote Clark Ervin, who was DHS Inspector General from January 2003 to December 2004: "When these contracts go awry, it's not just a question of millions of dollars or tens of millions or billions of dollars wasted, but it also means that the security gaps that those contracts are intended to address are left unaddressed." (Listen to an interview Ervin did with IEEE Spectrum last year.)

DHS says not to worry, though, because "great progress" is being made in getting the challenges posed under control.

Computer Problems Do In Seattle's Bus Tunnel Operations

Seattle's newly renovated downtown bus tunnel has been shut down for the second time this week due to a computer malfunction, reports the Seattle Times. The tunnel reopened for weekday bus service on Monday, Sept. 24, 2007.

According to the Times story, "All of the systems in the tunnel â'' such as ventilation, lighting and signals â'' are controlled by a computer system installed during the recent retrofit of the tunnel. The computer is based at Sound Transit's new operations center in Sodo."

The tunnel handles 1,076 bus trips on 18 routes on a typical weekday.

There is no word as to when the tunnel will be re-opened.

LAUSD Payroll System: From $95 million to $210 million


The LA Daily News reported on Sunday that the LA Unified School District (LAUSD) officials are now saying that its botched and blundered payroll system will likely cost upwards of $210 million when all is said and done. And if it is like any of the previous estimates, it is probably low by $25 to 35 million.

What's more, the newly estimated cost figure does not seem to include the $6 million in noncollectable over-payments to employees, the cost of its image consultants hired to put on a positive spin to the failure, and all the ancillary costs involved in correcting the payroll errors by everyone involved.

LAUSD officials furthermore say that to get to their projected error rate of 0.5 percent of monthly certified paychecks, teachers will have to give up the ability to get annualized pay (i.e., receiving twelve paychecks a year, instead of ten). This has not gone over well, since teachers fought for 25 years to get this benefit which was introduced only this past February when the new payroll system was introduced. The excuse for not doing so for the previous two decades plus was that the old payroll system couldn't compute the pay properly, but everyone was confident that the new and improved payroll system could. Well, it appears the new one can't either - I didn't know computers had problems normalizing using the number 12 as a base.

LAUSD officials also admit that they were over-optimistic, didn't know the project risks involved, did improper planning, scheduling and budgeting, etc., etc., but funny enough, they are having a hard time figuring out who was responsible for the mess in the first place. Must have been gremlins.

Finding Your Car at Heathrow

Jaguar-SS100-3.gif When the new $8 billion Terminal 5 opens in March of next year at London's Heathrow airport, you won't have to worry about remembering where you park your car. According to a story in USA Today, infrared cameras and sensors will be capturing a car's license plate as it enters the terminal's parking garage, and as the car makes its way inside the garage, additional cameras will be monitoring it. Cameras will also take a picture of where each car eventually ends up parking.

When passengers return from a flight, they can go to a kiosk and either enter their parking ticket or license plate number. The location of their car will then be displayed on a diagram of the parking terminal.

The parking garage will also have information telling passengers where there is open parking. You can read a story about smart parking technology in a story I wrote for IEEE Spectrum on-line here.

In a related parking story, also from USA Today, it seems that because parking is at such a premium in many areas of Britain, that fast-food restaurants like McDonald's are warning customers to eat up in 45 minutes or risk a parking fine of $150, while supermarkets and department stores, including British retail giant Tesco, are warning shoppers they too will be fined if they park for more than two or three hours. Just like at Heathrow, cameras are being used to identify the cars overstaying the parking time limits.

Cell Phone and Landline Spending Practically Equal in 2006


Data from the Bureau of Labor Statisticsâ'' Consumer Expenditure Survey (CE) show that cellular phone expenditures increased rapidly from 2001 through 2006. When coupled with a decrease in spending on residential landline phone services (residential phone services) over the same period, spending on the two types of services were practically equal in 2006.

According to the Bureau of Labor Statistics, expenditures for cellular phone services per consumer unit rose from $210 in 2001 to $524 in 2006, an increase of 149 percent. Expenditures for residential phone services per consumer unit fell from $686 in 2001 to $542 in 2006, a decline of 21 percent.

The Bureau of Labor Statistics provided no guess as to when landlines will be going the way of the telegraph.

More Lost UK Citizen Info: This Time in the US

The London Times reports that Ruth Kelly, the Transport Secretary, told MPs today that the personal details of three million UK learner drivers have been lost this past May. The data, which contained contained the name of the test applicant, their mail address and telephone number but no details of any individualâ''s bank account or credit card, was housed on a hard drive in the Iowa City offices of Pearson Driving Assessments Ltd, a company employed by the Driver and Vehicle Licensing Agency.

This unexpected disclosure came as Ms. Kelly was being asked to talk about the recent loss of two unencrypted computer discs containing the names and addresses of over 6,000 motorists in Northern Ireland.

In other news, the interim report of the "Poynter Review" investigating the loss of CDs containing the personal details of 25 million UK citizens that was expected last Friday appears not to be forthcoming after all. Now it looks like everyone is going to have to wait until the full report is finished, supposedly by June of next year, pending, of course, the amount of embarrassing information it contains.

Though no reasons was given, I suspect part of it was this little exchange during Parliamentary questioning of Mr. David Hartnett, acting Director of HM Revenue and Customs (HMRC).

"Q356 Mr Todd: I suppose one of the puzzles to anyone who knows anything about the systems is that it was actually technically possible to do this. Not that some senior manager did not know about it; it should not have been possible for one individual member of staff to produce a file of this kind and despatch it; there should have been a built in bar in your system which required some sort of intervention to achieve that outcome. That has been a puzzle to me from the start. Can you throw any light on that?

Mr Hartnett: Mr Todd, it is a puzzle to me as well, I have to say, but let me explain what was going on here because I think it may help. I think Kieran Poynter's work really has got to help us with this. The data that was in Waterview Park in the North East was drawn off from the child benefit computer system. That is in a different building and it was needed for what we call claimant compliance, to check that we were paying child benefit in circumstances where it was due. It was brought to Waterview Park and loaded up on to a secure, stand-alone desk-top computer in a secure environment, and from that the people with access to it draw off samples for our claimant compliance people with our people saying, "This is the sort of sample I need." The emails are interesting in this context, because they show no expectation at all that the data would ever have left our offices, but I think you are onto a crucial question, and that is how on earth was it possible ever to draw down a full copy? At the moment I know it clearly was possible, but---

Q357 Mr Todd: That is an issue of system design.

Mr Hartnett: Exactly; absolutely."

So, from this and other bits of Harnett's testimony, it is clear that there is a systemic security problem at HM Revenue and Customs, even as Prime Minister Gordon Brown insists there isn't.

Expect Mr. Hartnett to be shown the door early next year - I bet he'll be "wanting to spend more time with his family."


Risk Factor

IEEE Spectrum's risk analysis blog, featuring daily news, updates and analysis on computing and IT projects, software and systems failures, successes and innovations, security threats, and more.

Willie D. Jones
Load More