Many decades ago I worked on a time recording system for a large business department. This was to be used by a couple of hundred workers who would enter their time as they completed tasks, and then reported back up to managers. It may sound draconian in these days of zero-hour contracts and gig economy workers, but it was common in those days of top-down project management and still is today on major infrastructure projects.

What intrigued me was how a small, important, vocal minority of stakeholders bent requirements so that their needs were addressed to the detriment of the large body of people who would actually use it and enter information. One effect of this was that the workers took the lazy way out and simply reported in large blocks of work rather than the fine-grained estimation needed by the immediate project managers – too many tasks resulted in too little detail and most reported only when they had finished. In effect they ‘gamed’ the system.

But this isn’t just an historical tale. I’ve seen the same feature creep in a number of places. Take the UK government’s Covid-19 tracking app for example. In an excellently reasoned article one of the developers for that app discusses all of the reasons why they are not using the decentralised model offered by Google and Apple. Reading through, I think it is fair to say they rejected the decentralised approach “because it doesn’t help us, only you”. Therein lies the rub.

In all the systems I developed over many decades one thing I came to understand was that complex and intricate things were used less and less by the very people that were needed to collect accurate data. Unless the lowest and least important people use your system, the data is useless. You need buy-in from the very people you didn’t consult, as the whole premise of the system needs them to accurately, faithfully, and happily use your app.

I was a professional developer who is quite happy for much of my information to be online in the right places but I am concerned about the interconnected abilities of this app. Person-to-person interconnectedness takes this to a sinister level, one that reminds me of the worst excesses under the Iron Curtain. Anonymous entity resolution has been used for a decade or more to trace bad guys but a population mapping of this sort can only be dreamt up by Facebook, and we’ve seen where abuses of that led.

I’ve seen all types of ways to encourage, cajole, threaten, and advertise the use of systems and above all, unless the system gives the end user something back they will not use it. Money incentives, managers checking weekly, making it part of yearly objectives, all of these fail unless the system is simple, easy to use and above all helps users do their work. All other stakeholders are secondary consumers of the information and all the scientists, Public Health England, app developers and National Cyber Security Centre staff are not as important as the millions of ordinary Brits who are expected to use the app. Starting off by excusing privacy-breaking controls isn’t the best way to start introducing a new national app. The reason given? “It will help us”, not “help you”. To quote from the article,

“… and, most importantly, (it) provides the insights the public health professionals need to better manage the virus in the UK.”

… from NCSC blog post written by Ian Levy

MOST importantly?!? While other issues mentioned are interesting in a technical way, such not draining the battery and keeping me secure (from whom?) the article in a profound way exposes the general attitude about such systems – it’s all about us, not about you. We need this because we are important, not because you are important. But if we want people to do things, we need to do things for them, not for us.