UK.gov finally kills ContactPoint
A moment of silence
Requirements Checklist for Choosing a Cloud Backup and Recovery Service Provider
So, farewell then, ContactPoint, the database we never quite came to love. In the end, it was victim to straitened economic circumstances and lacking the courage of its own convictions.
According to a Department for Education announcement on 6 August, it was due to be taken to meet its cyber-maker at noon on 6 August. A statement from the DfE this morning confirmed this. ContactPoint has been switched off, never more to be accessed - at least not by local teams. Database deletion is due to commence within 24 hours of the shut-off. It should be permanently deleted within the next eight weeks, using government-approved processes and security standards (Information Assurance Standard 5 IAS5).
The problem at the heart of ContactPoint was a failure of will on the part of the government. Following a series of disasters in childcare, of which the Victoria Climbié case was one of the most significant, an official inquiry suggested a suggested systemic failure on the part of bodies entrusted with the care of children, including a failure to pass information between professionals.
One solution considered in the early days was the establishment of a national system which carried summary records of all children, noting any concerns expressed about them by a range of professionals. Such a "summary risk" database would have been intrusive, but it might possibly have identified patterns in concern that would not have been picked up without it.
However, objections to the implications of such a database prompted the first climbdown, and the gathering of so much information was quickly relegated to the "nice, but..." ideas bin. The database instantly shrank to little more than a glorified telephone directory of those who had contact with individual children.
We are still pressing the DfE to give us sight of the systems specification for the database. This has been consistently denied, on the grounds that such information might constitute a security risk. We await a response with interest.
The second issue was the number of people with access to the database.
The launch of the database was delayed three times because of security fears. The system itself came in for severe criticism from the House of Lords Select Committee on Merits of Statutory Instruments, and in a report compiled by the Foundation for Information Policy Research for the information commissioner.
Concerns were raised in respect of individuals involved in witness protection: there were fears that this would prove a goldmine for violent individuals tracking down vulnerable ex-partners.
So the number of individuals with access to ContactPoint was also reduced. For a long time, the Department for Children, Schools and Families talked about the low number (around 300,000) that would have access to ContactPoint.
They were then encouraged into into action by some sleuthing by The Reg. We discovered that the estimates being bandied about had not moved in almost two years (from the time when the project was first a gleam in government ministers' eyes) and calculated that if all those identified by the legislation as potentially needing access were given it, the figure rose to somewhere in the region of one million.
Our investigation prompted a parliamentary question, and a response sneaked out in the dying days of the 2007-08 parliamentary session suggesting the true figure would be in the region of 390,000, but could be as high as 480,000.
Just 15,000 have access at present.
Unfortunately, in solving one issue, the government created another. Minutes of police discussions on local implementation of ContactPoint highlighted concerns that access to ContactPoint would only be through a small number of designated operators in central control rooms. This solved the issue of over-broad access but did so at the cost of almost certainly ensuring the database would gain little exposure inside a key agency.
In the end, straitened times and a preference for a more targeted "signposting" approach sealed the system's fate, and the death sentence was pronounced in a letter (pdf) by Children's Minister Tim Loughton to the Association of Directors of Children's Services last month.
The development of ContactPoint appears to have cost around £230m - figures vary slightly according to source. There will also be some additional money spent supporting councils during the decommissioning phase.
There will also be knock-on effects of the electronic enabling of the Common Assessment Framework (eCAF), although for now this will continue to be rolled out.
Over a quarter of a billion pounds of public money has been dispensed on a non-project, and ContactPoint is no more. Whether the mainframe was quietly humming the tune of Daisy Bell to itself when they came to pull the plug is not known. ®
Requirements Checklist for Choosing a Cloud Backup and Recovery Service Provider
COMMENTS
Did it (would it) save *any* lives
The impression was that was what it was *supposed* to do, given Victoria Climbie was one of its initial justifications.
Let us just hope the *next* time someone gets the idea that some super-duper database is the answer the crisis de jour someone throws something (preferably something quite hard) at their head.
Let me write the *next* dead kid "Serious Case Review"
"There was a systemic failure by agencies to share information..."
"XXXX's death was preventable"
"Lessons have been learned"
And a few things that probably won't make it in.
"The social workers were more concerned about the effect a complaint would have on their career than weather the child was still alive."
"Making sure the paperwork looked right was *far* more important than actually checking on the well being of the child"
"Initial assessments are time consuming to do properly, although it is critical to deciding in how a case is handled. Still mostly no hard done."
"The threatening and aggressive behavior of the parents/relatives/family friends strongly suggested they had something to hide. But I was *really* scared of them."
I'm not sure what the definition of a "Serious Case Review" is given the average 7-10 deaths a week on the UK At-risk register. In principle shouldn't *all of them have one? I suspect it's along the line of "It made the TV news, we'd better look like we're doing something."
I won't mourn its passing. It *always* seemed to be more about a clean load for the NIR of the National ID card system and PNC II (fivein that the Police were to have access and record were to held till the "child" was 25).
Data bases don't save lives. Paid child protection and child welfare specialists doing their *job* should do that.
It seems to me that quite a few of them are not up to the task, and their managers are not up to the task of improving them, or getting rid of them.
Fail not so much for the DB, but the children who the *whole* system has systematically failed to the point of death, literally "Acceptable losses."
don't go to town on a system before you know what you want
This is a classic and expensive failure. Private contractors should not be expensively involved in such developments prior to wider policy agreement on what the specifications should be. Clearly some incompetent civil servants are not up to their job due to lack of systems awareness skills. Or maybe these failures are down to private ambition and inter-departmental back stabbing. Who knows ?
If you are developing public architecture you have an open competition and you have design proposers make and throw away a few cardboard models before choosing the one you want to spend real money on. That should cost much less than 5% of your total design and build budget. And I don't see why a similar approach can't be adopted in relation to computer systems.
@Why so many and why so much
>Why did this system have to record all children in the UK to identify those recorded as being at risk?
The caring 'professionals' attitude that you are all guilty of something, even if it's just the possiblilty that you might do something. That's why we need to store the DNA of innocent people - just in case.
>Why did it cost £230 Million to develop a basic system to store names and addresses
Usual budget wrangling. Everybody wants a nice shiny new computer - you have a new big budget contract to stick the PO on.
You have been told to cut costs, so all your IT staff, maintenance contracts, HVAC, etc now get attached to the new big shiny contract.
You save costs, a big project becomes bigger and more important ..repeat.
IT infrastructure monitoring strategies
What you need to know about cloud backup
Enabling efficient data center monitoring
Agentless Backup is Not a Myth
Top 10 SIEM Implementer’s Checklist
