That’s the way the cookie rules crumble

New EU rules relating to the use of cookies on websites came into effect in May 2011, but the UK Information Commissioner gave everyone a year to work towards compliance. In practice, of course, that meant everyone ignored it for 51 weeks, then panicked.

Along with much of the European web industry, I spent last week fielding calls from clients, asking whether their site was compliant with the rules – or perhaps more accurately, whether they were facing a £500,000 fine, like they’d heard on the news.

As ever with these things, it boiled down to choosing a role model, and copying what they were doing. The Government Digital Service and DCMS (as lead department) were both taking an ‘implied consent’ approach, with pages listing and justifying the use of each individual cookie; and the BBC, initially, were doing likewise. That was good enough for most people.

(Late in the week, the BBC actually changed tack, and introduced a new ‘explicit consent’ approach. Thankfully, most of my contacts had bought into ‘implicit consent’ by then.)

And then, outrageously late in the day – a scorching hot leave-work-early Friday at that, the ICO cracked.

Posting on their corporate blog, Dave Evans announced that their guidance had been updated to ‘clarify’ that implicit consent was a valid form of consent, as long as you were ‘satisfied that users understand that their actions will result in cookies being set.’ In other words, implicit consent with appropriate information was absolutely fine.

It was the only sensible outcome. Constant popups or warning banners would have killed the concept of cookies, which are used – in the vast majority of cases – to make things easier for users. It would have undermined most websites’ traffic analysis. And besides, with third-party services from sharing to embedding now common on every web page, I’m not convinced any technology could have successfully blocked every attempt to drop cookies anyway.

It hasn’t been an unhelpful exercise. I broadly agree with the principle of cutting down on ‘unnecessary’ cookies, and in this past week, as a result of the fuss, we’ve made changes in how we do certain things. (Blog post to follow.) If it has made online giants like Google, Twitter and Facebook think again, and be more transparent about their use of cookies (and other tracking technologies), then that too is a good thing.

Common sense would seem to have prevailed. Hurrah. But I’m sure a lot of people are less than happy at the ICO’s handling of this.

BuddyPress powers new Civil Service community site

There’s a new website in the civilservice.gov.uk domain – but because it’s at a subdomain, of course, it doesn’t count as a ‘new’ site. (That’s an observation, not a criticism; I’m as guilty of doing this as anyone.)

Created by DWP ‘in their role as leaders of Govt agile adoption on the ICT Strategy CIO Delivery Board’, it’s a community site which sets out to provide a space for ‘people in the public and private sectors to discuss, share and get advice and answers on adopting agile in UK Government projects’. As such, it ticks a box from the ICT Strategy Implementation Plan.

Naturally I’m delighted to see they’ve built it using BuddyPress. It looks like a fairly ‘vanilla’ installation for the moment, running using the free BuddyPress Corporate theme, with minimal customisation. I’ve also spotted the Q&A premium plugin in there too. The IP address reveals it’s the handiwork of Harry Metcalfe’s DXW crew.

They’re doing the right thing by just charging headlong into it; it seems like all the Facebook-esque functionality – personal profiles, groups, forums (?), friending, etc – has been enabled. Some of it will work, some won’t. But since it’s all in there already, you may as well give it a try.

I’d also endorse the decision to work with a ready-made theme: I recently looked into developing a BuddyPress theme from scratch, and soon gave up on the idea. It’s terrifying. If you really want to customise the look & feel, do it as a Child Theme.

The fate of any BuddyPress is dictated by the momentum it builds (or fails to build). The site, or more accurately its membership, needs to provide good enough reason for people to come back regularly, and contribute while they’re there. I wish them well.

We’ve got a BuddyPress-based government project of our own in the works; the development work is close to completion, but we’re facing a few bureaucratic hurdles. I’m hoping for progress in the next couple of weeks; naturally, I’ll blog about it in due course.

WordCamp 2012: sleeper service to Scotland, anyone?

Picture courtesy of Wikipedia

This year’s big UK WordCamp will be in Edinburgh; tickets are due to go on sale in the next few days. It’s a beautiful city, and the venue looks magnificent. But obviously, it poses a few logistical problems for those of us based in south-east England.

So I was thinking… does anyone fancy taking the Caledonian Sleeper service overnight from London Euston? Tickets for that weekend are now on sale; at the time of writing, it’ll come to £100 return. However, if we can get a group of 10 together, we can probably get a decent discount… not to mention the benefit of each other’s fine company. (And the prospect of being the world’s first Mobile WordCamp!)

If you’re interested, add a comment to this blog post (or send me an email via the contact form). Obviously, we can’t do anything about it until tickets actually go on sale, but it would be a good idea to get a feel for possible numbers.

The large corporation and the government consultation – no, not that one

In the week that the big news story is about a large corporation well used to allegations of monopolistic behaviour (like this one), and its attempts to build relationships with those formulating government policy, in areas where a certain decision could be to its distinct commercial advantage…

I draw your attention to a post on the GDS blog, describing itself as an ‘important update’, written this evening by Liam Maxwell.

On 4th April 2012, Dr Andy Hopkirk facilitated a roundtable on behalf of ICT Futures on Competition and European Interaction. […] At the time he was engaged to facilitate the Open Standards roundtable, while we were aware that he represented the National Computing Centre on the Microsoft Interoperability Executive Customer Council [..] he did not declare the fact that he was advising Microsoft directly on the Open Standards consultation.

This all appears to have been sparked by Mark Ballard’s report, declaring the event to have been a ‘triumph’ for the ‘proprietary lobby’, and some pretty heated debate in the ensuing comments. Ballard himself adds in the comment thread:

Hopkirk is himself a cohort of MutKoski, Parker, and Brown. They are all members of the OASIS Transformational Government Framework Technical Committee, an unusual policy lobby unit that is sponsored by Microsoft. All have been critical of either UK government policy or its objectives and have specifically opposed defining elements of the coalition government’s open standards policy.

Dr Hopkirk was given a right to reply, in which he declares:

I do have a longstanding relationship with Microsoft purely on the basis of my consistently neutral, pragmatic, end-user oriented and supplier-agnostic perspective. I have supported, and continue to support, open markets, open standards and free/open source software for their contributions to furthering interoperability and IT market competition. I have not been asked to publicly or privately support any client brief or position in the government consultation.

Regardless, Maxwell has done the right thing, by declaring that ‘any outcomes from the original roundtable discussion will be discounted in the consultation responses’. The session is to be re-run, and the consultation deadline extended.

Didn’t I tell you this stuff was dynamite?

[Disclosure: I have worked for both BSkyB and Microsoft in my past. I do not do so currently. I cancelled my Sky Sports subscription a year ago. My main computer these days is a Mac. I’m writing this on a Linux machine. My belief in open standards is well documented.]

Boris Johnson Twitter storm: no oversight, no grey area – and not his first such offence

You’ll remember the furore, just about a month ago, when London mayor Boris Johnson renamed his @mayoroflondon Twitter account @BorisJohnson – and in doing so, turned what had ostensibly (?) been an official account owned by the Mayor’s office into a campaigning platform for his re-election.

The decision to stop tweeting as Mayor was, unquestionably, correct. But by simply renaming the account, his (party political) campaign team had suddenly acquired an opt-in contact list of a quarter of a million people. Understandably, there was quite a backlash – and by bedtime, the account had been renamed @mayoroflondon, and mothballed.

Having spent almost my entire career walking that tightrope between ‘party political’ and ‘elected official’ communication – whether it be as a civil servant myself, or these days, running websites for MPs / ministers / candidates – I saw this as a fascinating case study. The @mayoroflondon account had been quoted on official Greater London Assembly communications for several years. But who actually owned it: Boris himself, or the office of Mayor? Had anyone ever asked that question?

So I lodged an FOI request. And they’ve just sent me their response.

I asked:

Can you please release copies of any correspondence to/from the Mayor’s private office, the Mayor’s press office or the GLA Public Liaison Unit relating to:

  • the decision to rename the account in 2009, adopting the name of the office of Mayor, with no indication of any direct personal attachment to the current incumbent;
  • the formal ownership of the account: whether it was considered Mr Johnson’s personal property, or whether it belonged to the office of Mayor;
  • requests to use the account for official purposes;
  • the decision to include references to the MayorOfLondon Twitter account in press releases and other official communications;
  • Mr Johnson’s move today (20 March) to rename the account and change its purpose into that of a platform for his re-election campaign, including references to the BackBoris2012.com website where there had previously been links to london.gov.uk

They have only been able to supply material in response to my final point. Which means, one would naturally assume, that the matter had never been raised beforehand. An regrettable oversight perhaps.

And so to 20 March 2012.

At 4.22pm, a good few hours after things had kicked off, head of media Samantha Hart sent an email to press office colleagues:

As you’re probably aware now, the @mayoroflondon twitter account has now been renamed  Boris Johnson and is being run by the campaign. If you have any links to @mayoroflondon on your email signature or anywhere else, please can remove it asap?

In other words: City Hall staff hadn’t been forewarned. And the account was now ‘being run by the campaign’ – where, one can reasonably infer, it wasn’t before. Half an hour later, Sam sends round a ‘line to take’, to help press officers deal with any enquiries.

Boris Johnson has decided it would not be appropriate during the pre-election period for him to be tweeting as Mayor of London. He has therefore made it clear to all his followers that he will now be tweeting under his own name outside of City Hall. Anyone who no longer wishes to follow his tweets will be reminded repeatedly that they can unsubscribe with one click of the mouse. @mayoroflondon can be revived by whoever is elected on May 3.

A resolution of sorts, then. The @mayoroflondon account is thus formally deemed to be the property of ‘whoever is elected’: meaning this won’t happen again next time. And a couple of hours later, at 6.25pm came further confirmation from Guto Harri – the former BBC journalist, now Boris’s Director of External Affairs:

The MayorOfLondon twitter feed has been mothballed until the 5th of May. Boris will update his long-standing followers about his non-campaigning activities under the a new feed called @Boris Johnson (…) The @MayorOfLondon feed can be revived on May 5th by whoever wins the election.

… although by midnight, the plan had changed again. The @BorisJohnson account too was mothballed, before a single tweet was sent; with all party-political tweeting through @backboris2012.

So, what do we learn from this silly little affair?

Ministers, Mayors and other elected representatives are multi-dimensional beings. They have an official status. They probably attained that official status by winning an election, on behalf of a political party. And they are (almost certainly) human beings too, with interests and relationships outside politics.

If we insist on maintaining a separation between all three dimensions – and there’s an argument that we should drop the pretence, as referenced by Jon Worth’s excellent blog post – then the Rules of Engagement for any ‘personal’ communication channel needs to be made clear. If you’re a social media manager, or Head of Digital Engagement, that’s your job. You need to lay down some ground rules on behalf of any ‘official’ communications channels… and see that they are enforced. Ask any difficult questions now, before it becomes an issue later.

Except – it had already been an issue.

Seeing Sam Hart’s request that all links to @mayoroflondon be removed, I naturally had to search the london.gov.uk website to see if that had happened. The answer? – yes and no. Certainly there aren’t many references to the account on london.gov.uk any more. But that made it all the easier for me to find this document from October 2009, relating to a complaint made against Mr Johnson by one Graham Parks.

He had complained that a tweet from the @mayoroflondon account on 30 September 2009 had apparently welcomed The Sun newspaper’s decision to back the Conservatives at the forthcoming general election. The matter went to the Assessment Sub-Committee of the GLA’s Standards Committee, who ruled:

it was clear that (the tweet) was written by or on behalf of the Mayor of London, as the hyperlink to the twitter account was found on the Mayor of London page on the GLA website.

In other words, the Sub-Committee had already, in effect, ruled that the @mayoroflondon account – by quoting a london.gov.uk URL – had declared itself to be the property of City Hall. They unanimously concluded:

Having regard to all the circumstances, the Assessment Sub-Committee concluded that, by writing in that manner, the Mayor of London could be seen to have breached paragraph 6(b) (ii) of the Authority’s Code of Conduct, as it appeared on the evidence presented that the Mayor of London was using GLA resources in seeking to affect party political support.

Having regards to all the facts and circumstances, the Assessment Sub-Committee considered that it was appropriate and proportionate for it to take a decision of “other action”, requiring the GLA’s Monitoring Officer to raise this with Mr Johnson, the Mayor of London, and give guidance to him about the use by him or his office of the Mayor of London twitter account.

In other words, the matter had been discussed: there was no oversight, and no grey area. The GLA had already asserted its ownership of the account. And Boris had already been sanctioned for abusing it.

Make of that what you will. And if you’re a Londoner, remember to cast your vote on 3 May.

People like intranets’ names

I’ve just started work on a project to build a first-ever intranet for a small UK government entity. I’ve been waiting for ages for an opportunity to put BuddyPress, the semi-official WordPress add-on which promises a ‘social network in a box’ experience, to the test… and this is it.

It’s still early days in the thought process – but the plan is to make heavy use of BuddyPress ‘groups’, to generate a personalised real-time view of activity in the areas in which you have a specific personal interest. Each team or department would be a group. Each cross-departmental project would be a group. There might also be groups based on physical location, social activity, union membership and so on. Some would be mandatory (eg ‘all staff’); some would be open for anyone to join; some would be invite-only, or totally hidden.

The BuddyPress ‘activity stream’ filters itself automatically according to each signed-in user’s group memberships; so your homepage (tbc) view would consist only of updates – news, forum discussions, events, document uploads, new members etc – from the groups you belong to. No two users’ views would be identical. It’s easy to see how powerful this could be; and in a post-Facebook world, it shouldn’t be an unfamiliar concept.

Anyway… I started preparing wireframes yesterday, and hit an immediate question. What should go in the ‘logo’ space, reserved by convention in the top left corner?

Most intranets I’ve had the misfortune to use in the past have had names. But I wondered, did people actually use those names when referring to them? When asked ‘where can I find that document?’, would people generally answer: ‘On the intranet.’ or ‘On [insert name here].’? Personally, I’d instinctively say the former myself; but after 17 years in this business, I’m used to the fact that I’m not ‘normal’.

So I asked Twitter. And to be honest, I was surprised by the response.

Almost without exception, people responded that yes, their intranet did have a name… ranging from the fairly dull (‘Cabweb’ at the Cabinet Office) to the fantastic (‘Narnia’ at the National Archives!) to the quite unfathomable (one digital agency chose, er, ‘Agnes’). And yes, people used the name in common parlance.

One or two people reported failed attempts to name their intranet: but the names they mentioned – ‘[organisation name] Online’, or ‘The Hub’ – seemed very generic. It’s almost as if people will make an effort to use the name, if you’ve clearly made an effort to make one up. If the name seems half-heartedly conceived, it shouldn’t come as a surprise that the staff don’t buy into it.

I’m not claiming any scientific validity for these results; but I’m left in no doubt that I’m going to have to think up a name.

Telegraph publishes first WordPress plugin

The Telegraph Media Group began embracing WordPress two and a half years ago: first its blogs were migrated over, then its My Telegraph community. They then began embracing WordPress people, hiring BuddyPress core developer Paul Gibbs, and hosting London WordPress meetups.

Now they’ve gone a stage further: releasing a WordPress plugin in the company name. Expire User Passwords has obvious applications in a more corporate environment: it’s a zero-configuration plugin which you simply install and forget about. Until you reach the 30-day expiry point, when you’re prompted to renew your password.

It’s available from the WordPress repository, where it’s owned by Paul and a new Telegraph user account. Or alternatively, they’ve just started making use of a Telegraph Github account which they seem to have registered two years ago.

Well done, Team Tele. Great to see a large corporate giving back to the WordPress community. I’d love to know how they got over the inevitable concerns about plugin support, liability and so on.

Going in 60 seconds

In a single sentence, Stephen Hale’s latest blog post encapsulates the sheer joy of moving from a classic old-style CMS to WordPress.

By switching out Stellent for WordPress as our primary content management tool, we changed the processes by which web content was created and published. Editors no longer needed the same in-depth knowledge of the CMS to publish content, it was possible to publish more quickly, and it was much easier for us to devolve the act of publishing. The day-long CMS training course for new editors was replaced with a 1 minute (I timed it) session showing staff how to click on “add new” and type in a box.

From what I hear, the GDS training course for those publishing on the new unified platform is going to take a _little_ longer than that.

Saul’s gov.uk plugin now on Github; anyone know Ruby?

Saul's plugin: 24 hours later

I blogged earlier today about Saul Cozens and his ‘v0.1 alpha’ WordPress plugin for embedding gov.uk content via WordPress shortcode.

The great news is, Saul has uploaded it to a public repo at Github, meaning it’s now:

  • dead easy for you to download, and keep up to date
  • possible for you to fix, enhance and generally improve it

Saul has very foolishly kindly given me commit privileges on it, and I’ve done a bit of work on it this evening – a bit of error handling / prevention, adding basic parsing of gov.uk’s multi-page ‘guide’ content (including any videos!), and general housekeeping.

In other words, it’s now less likely to simply fail on your page. It’s likely to fail in more complicated ways instead. 🙂

There’s one substantial catch: and this is an appeal for help.

The platform’s content is marked up, so it turns out, using an extension of the Markdown language, which they’re calling govspeak.

It adds a number of extra formatting options, to create things like information and warning ‘callout’ boxes. And whilst there are PHP based libraries for Markdown, which we can bolt on easily, there’s nothing instantly WordPress-friendly for this new govspeak.

Yet. If you know a bit of ruby, if you’ve got a bit of spare time, and if you want to help expand the reach of govuk’s content to charities, community groups, local government, etc etc… now’s your chance.

If you fancied one of those £73,000pa developer jobs, I bet it would look great on your application. 😉

New plugin embeds gov.uk forms within WordPress

Saul Cozens has done a wonderful thing. He’s written a WordPress plugin which allows you to integrate content from the new gov.uk site within WordPress pages. You add a WordPress shortcode, of the form:

[govuk url="https://www.gov.uk/vat-rates"]

It pulls in the corresponding JSON data – which is really just a case of adding .json on the end of the URL – and plonks it into your WordPress page. So far, so not tremendously complicated.

Here’s the good bit. No, sorry, the fantastic bit. Not only does it plonk the text in, it can also plonk forms into place. And keeps them active as forms. Yes – actual, working forms.

My screenshot above is taken from my test server: no offence Saul, but I’m not putting a v0.1 alpha plugin on my company site! – but it shows me successfully embedding the Student Finance Calculator ‘quick answer’ form within my current blog theme, and sending data back and forth. Sure, the CSS needs a little bit of work… but Saul’s concept is proven.

Game on.