The power of information, tube strike second edition

As an update to yesterday’s post showing how much better TfL information can be presented by applying a little bit of information design, here is an even better example – it’s a cleaner map, with more information and it’s by far the clearest guide to what will be happening that I have seen.

Again though, this does not come from TfL. The owners of the most iconic map in the world are still not managing to make use of its power.

Tube Strike Map

There is a link to a much larger version on the original site.

The power of information, tube strike edition

If you don’t know what’s going on in a system, it’s very hard to know how to respond to it. Those who have information are powerful, those who share information empower others.

Some of that is about big stuff, but some of it is about very small things. So in the next couple of days, there is likely to be a strike of London Underground workers, which will result in substantial disruption to the network. The question is how much and where.

Transport for London know that’s what we want to know, and provide a prominent link on their home page. So far so good.

screen shot of TfL home page with link to pdf document on service plansWhat we get, though, is a link to a pdf document, colour coded to a rough approximation of the line colours, which describes what is likely to happen on each line. There’s nothing wrong with the information, but it’s not easy to parse, particularly if you are less than completely familiar with the shape of the network. And even if you can work out where the trains are going, you still need to see whether they are going to stop where you want them to, as stations may be closed even when lines are open. Those stations are listed alphabetically, which makes a degree of sense, but makes it hard to answer the obvious question, ‘if the station I want is closed, is the next one open?’

Could there be a better way? It turns out that there could. The tube is of course famous for its map, and what better way to give an immediate impression of what’s going on than with an appropriately adjusted one. Enter Ian Mansfield, the eponymous writer of IanVisits, who has done exactly that (with a link there to a much bigger version). map doesn’t tell you everything – it doesn’t say anything about likely frequencies, for example, but it tells you a lot very vividly which isn’t immediately obvious from the TfL text. Barking is the only station open between Upminster and West Ham. You can get a train from Cockfosters, but it won’t take you very far.

This isn’t about lack of capability. TfL are doing some rather good work on a replacement for their website, with some very smart people working on it (even if I have been a bit sniffy about aspects of their approach). But it’s certainly about a missed opportunity to use design thinking. So all credit to Ian – though we really shouldn’t have to rely on him.

Imagining the future

There is a lot of pseudo-scientific claptrap published about the future. There are people who carefully extrapolate trends, construct complex scenarios, weight many outcomes, some of whom necessarily get some things right through sheer chance, but many of whom appear to rely on nobody checking back from the future to see how well they did.

The future doesn’t have to be analysed, of course. It can also be imagined. Some imaginings are pure and unashamed fantasy. Others are based on thoughtful consideration of what the not very distant future might look like, based on the often overlooked premise that ‘the future is going to be like the present, only with extra layers’ – though tempered by the earlier thought from the same author that ‘trying to second-guess the near future is increasingly impossible’.

But imagination is not just for science fiction writers. More than a little surprisingly, Consult Hyperion, who describe themselves as ‘thought leaders in digital money and digital identity’ organise an annual competition ‘to develop links between the financial industry and creative practitioners from around the world’.

This year’s challenge was to design a future financial crime. I got to see the shortlisted entries being presented last week, and they have now been published online. I was particularly taken with the eventual winner, Bigshot:

What happens at the convergence of Anonymous Routing, Crypto-Anarchy and Crowd Funding?

In 2013, the individual is capable of wielding more power than ever before. The proliferation of anonymous, web based technologies will enable this yield exponentially, creating the potential for devious criminal activity on a scale never before possible. Imagine a world where dangerous minds have a public platform to solicit support from anyone with an internet connection.

That world is imagined in this video – well worth three minutes of your time.

As well as being an entertaining piece of dystopian thinking, I think it’s worth thinking about the approach more generally. Kudos to Dave Birch and the Consult Hyperion team for having the imagination and confidence for introducing this kind of experimental creativity into a sector not renowned for it. But the cross fertilisation of business strategy and creative arts has equal potential elsewhere. Back in 2006, I noted the splendid performance of the Helsinki Complaints Choir, which does precisely what the name suggests (and is worth another eight minutes). And in a sense, this reframing of the context, forcing a different view of an issue, is what service designers do as, for example, this extract from Snook’s principles shows:

We generate innovative concepts by making space, mentally and physically to be creative and take risks. Design is not just about incremental change and service design but about systems and transformation.

It would be great to apply artistic creativity more widely to understand the futures we might build and the futures which might create the environment in which we build. Perhaps Bigshot will give us the means to crowdsource it.

Nativity scene

Harry has a new baby. The baby needs a passport. Or does she?

It is easy to be swept away by visual design, by clarity of language, by transparency of navigation and many other things besides. It is easy to confuse those things – any of them, or all of them collectively – with effectiveness at getting things done. It is easy to praise or criticise web sites for how straightforward they are to pretend to use.

We try to get past those traps by user testing, drawing as far as possible on people characteristic of the service concerned. But all too often, we find ourselves asking testers, ‘what would you do if…?’.

In the end, there is no substitute for user testing being done by actual users trying to meet an actual need, which is one of many reasons why the idea that a web service can be finished before it is turned on is so delusional. Obstacles and difficulties will be found by actual users which the most well meaning and most realistic test users will miss altogether or respond to very differently.

So the news that Harry knows his baby needs a passport has a wider importance than it might first seem. Now all he needs to do is to remember that he probably needs to pack just a little more than he used to.


Alpha conversation

This is how conversations work, or rather how one conversation played out on twitter this morning. Tricky subject, no right answer, constructive discussion.* But perhaps most important of all, those issues are being discussed in public for a government proof of concept which hasn’t yet even been launched. It is that which is more radical and, for the long term, more valuable than the issue at hand.

Update 8 May: And then 24 hours later, the same conversation restarted. The very things which make twitter a powerful and immediate communication channel also make it hard to see what has gone before and – I have even more forcibly realised – hard to transcribe and preserve. A few more tweets added below.

* It is the nature of twitter discussions that there was more to it than this, but from what I could see, this was the core thread of the conversation.

Update: The following day…

Blurred reading

When I was 17, my first proper paid job was in the public library just down the road from the Elephant and Castle. It was the first time I had come across large print books. They had their own section, and there was a huge demand for them. But though it was much more intensely used, the selection was much more limited, partly because they served only a fairly small proportion of the library’s users, but partly of course because only a very narrow range of titles was produced in the first place. They looked very boring and very distinctive – no money was wasted on design or on attracting readers, the covers were just slabs of colour, and they stood out at fifty paces.

That was a long time ago.

A few months ago, I got a kindle, slightly accidentally – I hadn’t thought I wanted one. To my surprise, it has more or less instantly become my preferred means of reading book-length texts. There are several reasons for that, but this post isn’t yet another kindle-groupie breathless review, so I am going to focus on just one feature which, from what I have seen, had got relatively little attention.

You can adjust the size of the text.

The kindle destroys the concept of a large print book, because it’s not the book which has a print size any more, it’s the reader (in both senses, the device and its user).

That instantly means that I can adjust my kindle to a size which is comfortable for me, which is bigger than most publishers’ default, though much smaller than large print. That’s a really useful feature for me as an individual. But it also has much wider implications. It means that there is no reason why every book should not be available for every reader, it means that there isn’t a highly constrained choice of books for people with weaker sight, and it means that the arbitrary, binary, and stigmatising divide between ordinary books and the large print list goes away.

All of that makes the kindle a lovely example of technology which changes the context in which it operates.

Most of the borrowers of large print books all those years ago were elderly ladies. I doubt that their successors of today are high on the target list for Amazon’s marketing of the kindle. But their successors of tomorrow could find that an almost accidental characteristic of easy technological flexibility brings a segregated service and segregated customers into the mainstream.

Reality distortion fields

Every person and every organisation has some form of reality distortion field. Some are more severe than others, and according to Stephen Toulouse, Microsoft has a particularly severe version of the problem:

The Redmond Reality Distortion Field:

The field that influences Microsoft employees and product designers to make wildly incorrect assumptions on the use of technology, computers and devices by the world. The field is caused by the fact that Microsoft employees tend to be far more affluent and have free access to technology than the general population. Generated by Microsoft employees, the field is centered in Redmond but can manifest itself weakly in any area where a significant number of employees gather, such as remote campuses or subsidiaries.

Its most common effect on individuals is to make design decisions or requests either on the way customers should use products as opposed to how they actually use them, or by the interoperability of a product in the unique environment of the employee’s home.

The field itself is invisible and exceedingly hard to detect, as once under its influence reality itself becomes distorted. Entire Microsoft products have been designed under the influence of the field.

Anyone who is not an ordinary customer of their own service is vulnerable to this effect. And it is almost impossible for anybody who had anything to do with the design or delivery of a service to be an ordinary user in this sense, if only because, by definition, they know too much.

That much is understood enough for the concept – or at least the rhetoric – of user centred design to be getting increasing prominence (if not necessarily similarly increasing traction). Even that though is easily undermined by a sufficiently powerful Reality Distortion Field. The result is innovation which is not necessarily very innovative or designing for users who are not very like the actual users of the service concerned. Anthony Zacharzewski has written a really interesting piece reflecting on how to create innovation which is democratic and scalable. The problem he sees is that:

There is a three-way divide between existing public service providers, who understand the context and constraints on change, the public themselves, who give legitimacy and are best able to articulate their needs and aspirations, and innovators both inside and outside traditional public service organisations.

The separation between these three elements is reducing rather than increasing the scope for innovation. Barcamp events produce good ideas, but are not networked into existing power arrangements. Public services are trying to innovate within existing structures, but cannot access the local enthusiasm and expertise which could keep programmes running and maintain innovation after outside agents have moved on to other things. Existing structures, cultures and processes within public services hinder innovation, not by building brick walls, but through a thousand little difficulties and inconveniences. As spending cuts take hold, there is a risk that innovation and energy will dissipate.

His solution is to propose the creation of an innovative civic space, ‘based on the democratic conversation’, which support the triangle of citizens, innovators and public services.

The space needs to provide connections, context and means of implementation. These are likely to focus around events, co-design sessions with public services, opening up seed resources or research, and links with innovators and ideas beyond the local area. Throughout this, the democratic conversation takes and informs citizens’ views, and engages them in the design and delivery of improved services.



This is powerful and interesting thinking which needs and deserves more reflection. One of my immediate reactions – from a central government large system perspective – is to wonder how far along the spectrum from research to participation to democratic validation it is possible in practice to get. Another is to recall a thought from Bruce Tognazzini which I have quoted before:

User-testing does not result in brilliant design. That requires brilliant designers. User testing guarantees that whatever level of design a company has been able to achieve will actually work.

In other words, the trick is to blend in the right proportions the professional expertise (and focused, dedicated and sustained time) to design, build and operate a service with the expertise of users and democratic owners of the system to understand, express and design the service which meets their needs.

Back in my own Reality Distortion Field (as if I could ever leave it), the challenge is to marry these approaches with the constraints of large system changes in a large organisation. Creating the necessary agility in not wholly promising circumstances will be the subject of my next post.

Design Jam

I have written a couple of times about the gap I see between the brilliance of hack days, as exemplified by Rewired State, and the need to build customer needs and user experience into the mix:

These projects can get off to a great start using their originators as their own use case, but they won’t become sustainable on that basis. Government has painfully learned – or, rather, is painfully learning – that starting off with the assumption that you know what is best for people doesn’t deliver the greatest results. I am not quite sure where the tipping point comes between creator-evangelists and customer-centred design, but I am sure it has to come somewhere.

So I was delighted to spot this flowing through the twitter time line:

The concept of a design jam is a new one to me, but it sounds as though it’s a cross between a hack day and an unconference/barcamp:

Design Jams are one-day design sessions, during which people team up to solve engaging UX challenges.

While conferences and talks are very popular in the UX community, we don’t have many events for actual collaboration, like the ‘hackdays’ enjoyed by the development community. Design Jams get designers together to learn from each other while working on actual problems. The sessions champion open-source thinking and are non-profit, run by local volunteers.

Sounds like a fantastic idea, even though I am left slightly wondering how you do user experience design without involving some users. I am not remotely qualified to go myself, but would be fascinated to see the final presentations – it would be great if the organisers were to open those up to interested non-participants.

Tickets are available from 1pm on Monday.

Barriers and trade offs

A couple of weeks ago, I wrote about some barriers across a footpath as a simple illustration of how easy it is to skew public decision making if the question is defined too narrowly.  Since then I have come across a number of things which add up to much clearer thinking on this than I managed then.  

The first was a piece by Mike Masnick on the not obviously similar question of whether governments should have the ability to tap internet-based phone calls in the same way that they have long been able to do for POTS (Plain Old Telephone Service – excuse for gratuitous use of one of my favourite abbreviations).  In the POTS world, it’s easy because there are telephone exchanges.  In the Skype world it’s impossible:  

Calls are encrypted end-to-end, meaning that only the end users who are parties to a call hold the secret keys to secure the conversation against online snoops. There’s no device Skype can install at their headquarters that would let them provide police with access to the unencrypted communications; to comply with such a mandate, they’d have to wholly redesign the network along a more centralized model, rendering it less flexible, adaptable, and reliable as well as less secure.  

So the question becomes how far it is appropriate to require Skype to change its business model and technical architecture for its many millions of customers in order to allow the interception of the conversations of what is presumably a very small proportion of those customers. It is clearly possible to argue the point either way, but the point here is not to resolve, or even engage with, that argument, but to draw out the nature of the trade off being made.  

Now here’s another example, this time from Cormac Herley of Microsoft Research in a paper with the splendid title, So Long, And No Thanks for the Externalities: The Rational Rejection of Security Advice by Users [pdf]

We argue that users’ rejection of the security advice they receive is entirely rational from an economic perspective. The advice offers to shield them from the direct costs of attacks, but burdens them with far greater indirect costs in the form of effort. Looking at various examples of security advice we find that the advice is complex and growing, but the benefit is largely speculative or moot.  

The argument is essentially that looked at at system level, the aggregate costs to users of complying with security requirements may well outweigh the aggregate benefit to them of doing so, and that therefore non-compliance is a rational response.  As Herley stresses later in the paper: 

While we argue that it is rational for users to ignore security advice this does not mean that the advice is bad. In fact much, or even most of it is beneficial. It’s better for users to have strong passwords than weak ones, to change them often, and to have a different one for each account. That there is benefit is not in question. However, there is also cost, in the form of user effort. In equilibrium, the benefit, to the user population, is balanced against the cost, to the user population. If observed user behavior forms the scales, then the decision has been unambiguous: users have decided that the cost is far too great for the benefit offered. If we want a different outcome we have to offer a better tradeoff. 

It follows that understanding the cost of compliance is essential to understanding the net value of the policy.  Herley does a rough and ready calculation of the cost in the USA from multiplying the number of users by an hourly value of their time: 

This places things in an entirely new light. We suggest that the main reason security advice is ignored is that it makes an enormous miscalculation: it treats as free a resource that is actually worth $2.6 billion an hour [...] 

When we ignore the costs of security advice we treat the user’s attention and effort as an unlimited resource. Advice, policies and mandates thus proliferate. Each individual piece of advice may carry benefit, but the burden is cumulative. Just as villagers will overgraze a commonly held pasture, advice-givers and policy-mandaters demand far more effort than any user can give. 

Then finally, along comes Paul Clarke being authenticated over the phone by an insurance company.  It does not go well

Match the process to the risk. That’s all I ask, as a process rationalist. It works. The one really gold-standard online transaction that government offers – the tax disc – works so beautifully because just such a risk-based decision was made. You don’t have to exhaustively prove that you are the person connected to the licence reminder or the car. You just have to have the reference number in your hand, and a means of payment. 

Paul has put his finger on something important there.  I too have found over the years – rather to my disappointment – that nobody has tried to pay my bills fraudulently. I remember arguing when plans were first being made to put VAT online that the point at which strong verification was needed was the point at which a trader was applying for a refund.  At that stage with very low levels  of adoption, putting equivalent obstacles in the way of somebody trying to make a payment (this was at a time when companies were being encouraged to buy digital certificates at £50 a time) didn’t make a great deal of sense. 

But it is a comment to Paul’s post from Adrian Short which sums all this up in the neatest form I have seen: 

Firstly, you need to get the balance right between having false positives (letting the wrong people in) and false negatives (keeping the right people out). Where that line is drawn very much depends on the underlying value of the data/transaction. 

Secondly, you must acknowledge that your security measures have a cost both for the organisation and its customers. This cost must be offset against the value of the transaction, including the cost as described above that legitimate customers may not be able to complete the transaction at all.

There is a “security” mentality that says that every process should have as much security as possible, whereas it should actually have as little security as necessary. Good security is proportionate and as far as possible, unobtrusive. 

All those examples – except the pavement barrier I started with – are about security in one way or another.  That’s not an accident, but it’s not the complete story either.   The real point is that missing the balance of costs and benefits in the widest sense leads to skewed decision making and it applies to every aspect of service design.  The reason why security issues so often come up as examples is, I suspect, not because that basic principle operates any differently, but because in a wide range of organisations and services in both private and public sectors, security is applied as an overlay from a perspective which, as Cormac Herley observed, tends to see the benefits of greater security more clearly than the costs.  I am definitely not arguing that we should ignore or neglect security: money and personal data are valuable commodities which attract serious criminal interest and it would be complete folly not to have appropriate defences in place.

But the basic point remains the same:  the costs of design decisions need to be understood as clearly as the benefits.  And if the costs fall externally while the benefits are felt internally, there is no incentive to reduce the costs and a continuing risk that the balance will be struck inappopriately. Managing that risk is an important job for any service designer.