A few weeks ago, I spoke at a conference on information sharing, on the topic of risk. I think the organisers (and perhaps the audience) expected me to talk about privacy impact assessments as a way of addressing the risks around sharing information. But instead, I put up a picture of a brain scan (have you tried to illustrate an abstract concept recently?!) and focused on some of the conclusions that behavioural psychology, and particularly behavioural economics, are reaching, and talked about how they might be of use to those of us thinking about information. Now, I wouldn’t claim to have an in-depth knowledge of the complexities of those concepts, but when we’re trying to unpick the issues, it’s helpful to bear in mind that, fallible humans as we are, we tend to focus on the immediate and the quantifiable risks, and the likelihood of loss, rather than the longer term and ‘fuzzier’ benefits. The risk of an ICO fine and damage to our career will, inevitably, weigh heavier than the possibility of improving the lives of citizens by sharing information to make our public services better (or prevent a tragedy).
So, it should come as no surprise that when Cabinet Office minister Francis Maude became frustrated with the limitations of government IT (and his ability to connect his ipad to the internet at work), he is reported to have set up a personal wifi hotspot in his office. His refrain – “why is it so much easier (and cheaper) to get the IT we want at home?” – is familiar to me, and one with which I have some sympathy. Commenters online pointed out that by circumnavigating the security controls applied to the government network, he could potentially put information at risk. This is doubly ironic given the Cabinet Office’s responsibility for the Public Services Network, the secure online system by which local authorities and others connect to central government, and which is causing much heartache to colleagues across the country at present. But the lesson here surely is that, we need to find a way of successfully balancing people’s expectations of what IT can do for them against their expectations of how information will be managed.
And we need to use this understanding of how people work when we try to look at how to support appropriate information sharing. If you or someone you know has assembled Ikea furniture recently, you’ll know there’s quite a high chance that the instructions were casually glanced at – at least until part way through the assembly, when you suddenly seem short of a crucial piece. Even if you do read the instructions carefully, once you get started, something that seemed like it ought to be simple never seems to turn out that way. Technology companies know this – they don’t ship items with a big manual, printed in five different languages any more – it’s all there online instead. So why do we still think that producing guidance documents is sufficient to making information sharing more successful? Sure, it needs to be there for reference, when you have a question about whether you should be using the dowling piece or the cross head screw to hold this bit together, but don’t we need to try and make the process as straightforward and intuitive as possible to limit how frequently this situation occurs? A bit more like Francis Maude’s ipad, in fact.