The new GOV.UK login system is the first step in a radical transformation of the British state
A British "DOGE" (of sorts) is rearchitecting the government
My next event! On March 25th, I’ll be speaking to the excellent Anya Martin about housing politics and how the YIMBY movement has been so damn effective over the last few years. You can find out more details and buy tickets here.
Like everyone, I’ve been watching in horror as Elon Musk and his “Department of Government Efficiency” (DOGE) have been recklessly tearing apart the American government. What I think has been less noticed though is the vehicle through which Musk is doing it.
Officially, DOGE is the new name of USDS – the United States Digital Service. This was an agency established late in the Obama Administration, which was tasked with dragging the federal bureaucracy into the 21st century by improving its digital capabilities. Its creation was directly inspired by Britain’s hugely successful Government Digital Service (GDS), which since 2011 has played the same role over here.
Since Musk came in, the agency’s mission has obviously changed significantly. As per Silicon Valley’s mantra, he is moving fast, and deliberately breaking things. Which isn’t a great idea when the government is responsible for ensuring that aid recipients don’t starve, or that planes don’t fall out of the sky.
Despite the horror though, it doesn’t mean that in principle, something that looks a little like DOGE is a bad idea. The US government, like our own, is often weighed down by outdated technology, sluggish proceduralism, and bureaucratic processes that make it less responsive, and less able to deliver for citizens. So having an agency specifically tasked with retooling the government might be a good idea, if only it were not led by a malevolent mad-man.
This brings me back to Britain.
In a strange coincidence, the day after Donald Trump took office and established DOGE, the British government also announced what I’ll slightly irresponsibly describe as a “British DOGE”.
The new “Digital Centre of Government” – which mercifully doesn’t have an acronym that’s a meme – was announced by Technology Secretary Peter Kyle on the 21st January, and on the surface it’s essentially a paper shuffling exercise which pulls together many of the bits of government that do digital stuff, and puts them under the umbrella of a newly beefed-up GDS.1
But what nobody seemed to notice was the startling level of ambition hidden within the plans – that if realised could not just improve how the government does computer stuff, but could remake the British state over here almost as dramatically as DOGE is doing in the United States.
There is good news though. Unlike Musk and his bull in a china shop approach, the “British DOGE” is actually a good idea – and the new plan has actually been carefully thought through, and might actually make our government work better, instead of catastrophically worse.
So let’s dig into what that plan is.
If you like nerdy essays about politics, policy, tech, transport and media, you might like my newsletter. Subscribe (for free) to get more like this direct to your inbox.
One Login to rule them all
Our story begins with an annoying problem.
Today, there are hundreds, if not thousands of different government services we can interact with online. That’s everything from paying our taxes, to renewing a passport, to applying for a fishing licence.
Historically, these were all built as different systems, by the individual government departments that were in charge of them. This means that once you’ve interacted with a few different parts of government, you might end up with multiple different logins. This isn’t great for users, as it means remembering multiple passwords for services that most of us won’t interact with very often.2
That’s why back in 2023, GDS launched a new login system called One Login. The idea was that instead of each government service requiring its own credentials, you could have, well… one login… that would eventually work for everything.3
Conceptually, it’s a similar idea to how you can use your Google account to log in to many more apps and services than just your Gmail – like Google Docs, YouTube, or even third party apps like Duolingo.4
Today, you can already use One Login to access many government services, including applying for a veterans ID card, getting a DBS check, or finding a teaching job. So far though, the most heavily used government services – Universal Credit, HMRC, and Companies House – haven’t yet moved over to One Login, and have their own separate login systems.
This is presumably because if anything goes wrong when those big systems are switched over, people will actually notice – so the government is (pretty understandably) taking it slowly. The intention though is that eventually, most government services will transition to the One Login system.
And this is pretty cool, right? A more convenient way of accessing government services online that will eventually make accessing services easier for millions of people. But this isn’t the best part. One Login is actually more important for another reason.
The blueprint
The first era of digital government began back in the 90s, when the first government services went online. The second era followed the creation of GDS. As I’ve previously written, GDS’s main innovation has been to make digital services actually tolerable to use – by building websites that are built to modern design standards, and work well on phones and other devices.
Now though we’re entering what I’ll call the third era. Along with the reorganisation of the government’s various digital teams, Peter Kyle published a “blueprint for digital government” that sets out the principles that will guide GDS into the future. It’s an important document, because this is the key that reveals the government’s not-so-secret plan to reengineer the state.
“The newly formed digital centre of government has been set up to lead work that’s more than just a change – it will help catalyse a wholesale reshaping of the public sector, reaching out to local government, the NHS, and the private sector too,” writes Kyle in the foreword.
So what’s different? The blueprint document refers to itself as a plan to adopt a “digital-first operating model,” – but I think it’d be more accurate to call this a “digital native” approach, because it explicitly pushes towards a conceptual shift analogous to what we’ve already seen in consumer technology.
To explain what I mean, think back to 2007, for example. Back then, the first iPhone apps were basically skeuomorphic recreations of things that exist in the physical world: A calculator, a notepad, a clock, a camera. Even email works in more or less the same way as sending a postal letter.
As technology matured over the years though, our phones started to do things that would be impossible in the analogue world, as apps that took advantage of the unique capabilities of our devices. We saw the emergence of social media with customised news feeds, collaborative editing where you and your colleagues can work on documents simultaneously, and so on.
In other words, once these basic capabilities had been ‘digitised’, it created digital building blocks that could be remixed and reused. And from that, new, emergent capabilities emerged. Digitising the map means we can build apps where you can order dinner and watch the driver bring your meal to you. Digitising the camera means we can have Instagram and TikTok. You get the idea.
The government though has been a little slower. But right now, we’re at a similar inflection point with many of the government’s core digital services.5 They’ve been successfully ‘digitised’ – data is stored in databases, and in many cases is accessible via APIs and apps. And though accessibility and inclusion is still important, the default assumption for government is that most users are not filling in paper forms, and instead are interacting with services through their screen.
And now, as per the blueprint, there’s a huge opportunity for digital services to take this next leap in capability.
Joined-up thinking
The crux of the blueprint is a "six-point” plan for reform. There’s some blather about skills, procurement, transparency and AI – which are important. But what I think matters most are two principles that build on seeds that have been planted by GDS over the last thirteen years. It is these that could change how we structure the government – and how we interact with it.
For example, here’s the first part of the blueprint’s six point plan:
Join up public sector services: enabling next-generation public services, better supporting businesses, redesigning cross-organisation end-to-end service delivery, ensuring services are consistently high standard, and acting as one public sector.
This is essentially a mandate for GDS to try and do more of that next-step digitisation I describe above – moving from simply digitising government services, to joining them up so that smarter things can happen.
For example, say you were to move house. As things stand, the burden is on you to remember to contact a whole bunch of public sector organisations to update your address on your tax records, driving licence, student loan repayments, NHS records, and so on. There’s no mechanism by which updating your address with HMRC will update your driving licence with DVLA – even though both agencies are part of the same government.
And when you think about it, this is actually crazy. If you update your address on Gmail6, you don’t need to then go and do the same thing separately on Google Maps, Google Drive and YouTube – all of those other services that are owned by the same company, and updating one will update the rest.
This specific problem is something the government wants to tackle – the blueprint includes a call for a “once only” rule, which means citizens should only need to tell the government something once, and that the burden should be on the government, not citizens, to cascade that information across the relevant government departments.
It’s a smart idea, and one we already know can work, as it already exists in one very narrow use-case: When someone is dead.
If you’re wrapping up someone’s affairs, since 2011 it has been possible to use the “tell us once” service7. This works as you imagine it will. When you hit submit, it will automatically trigger a notification across many of the different parts of government that need to know about the death, reducing the admin burden and the need for you to manually contact a bunch of different places.
However, death reporting is the only place this really happens. So how can this be generalised across government? There are potentially hundreds of government databases that could benefit from similar functionality. Ideally, we want the “once only” rule to work for everything, from changing your name on your passport triggering an update to your NHS record, to your local authority determining your kid has special needs automatically updating your benefit entitlements at the Department for Work and Pensions.
Faced with this complexity, it becomes quite useful to have, say, a shared login system that you can use to join together different government systems. Because if someone has used the same login – One Login, if you will – for multiple different government services, you can be confident that they’re the same person – and their records across government accordingly.8
Mind the GAAP
As you can hopefully see by this point, One Login is an extremely useful thing for a government to have. But it is only the beginning.
The other significant part of the blueprint – at least in my opinion – is that it doubles down on another important principle.
Strengthen and extend our digital and data public infrastructure: expanding GOV.UK One Login and other common components, enabling access to data through the National Data Library, strengthening cyber and technical resilience and building more responsibly.
The key phrase here is “common components”. This is the government reiterating a belief in “government as a platform” – a term that was first popularised by the author Tim O’Reilly.9
In essence, this is the idea that the government should not just operate services but that it should also operate platforms.
One Login is one such platform. It’s a component that anyone working across government can plug into their government service to handle users logging in. And it is not the only platform GDS has built. In fact, government-as-a-platform isn’t even a new idea for the agency. Since way back in 2013, GDS has built a number of common components that are used across government.
For example, if a government department needs to take payments, it no longer needs to build its own payment system, or work out its own bespoke deal with credit card providers. Instead, with just a few lines of code, a programmer can integrate a pre-built, fully-fledged payment system called GOV.UK Pay.
Similarly, if a government service needs to send someone a message whether via email, SMS, or even physical post, departments no longer need to sign a contract with a mobile provider or hire people to stuff envelopes. Instead, they can simply integrate a widget built by the GOV.UK Notify team.
And most recently, at the GDS relaunch, one of the headline announcements that did actually make the news was that inside the forthcoming GOV.UK app there’s going to be a virtual GOV.UK “Wallet”.
Most reporting focused on this meaning you’ll be able to carry a virtual copy of your driving licence, and leave the physical card at home. But what’s more important is that this wallet will, over time, become a store for all sorts of government credentials you may want to carry – from fishing licences, to your blue parking badges.
This is all to say that building platforms as components that can be dropped inside other government services is a powerful idea – which can make it easier for government departments to build stuff. Rather than starting from scratch, building a new service is more like building with pre-fabricated parts.
For example, imagine we decided that replying to people on the internet required a licence to prove that you are capable of reading the original post properly before responding.
Instead of having to build from a blank page, the Ministry of Information could use One Login, GOV.UK Pay and Notify to handle logins, processing fee payments and the sending of emails to say whether or not your application has been successful. And then when you get your posting licence, you could store it in your GOV.UK Wallet, ready to show to the Bad Internet Posting Inspector whenever you need to.
You’ve read this far and haven’t subscribed yet? Go on…
The transformation of the state
Hopefully at this point, you get a sense of the ambition that I think the blueprint represents. But I’m guessing you might be sceptical of my bolder claim: That this represents the first step in radically transforming the British state.
This is certainly the impression the blueprint wants to give. It sets out a slightly less hysterical vision of how to build government services that, if it can be done, will make the government work much more effectively. If the blueprint is successfully implemented, it will make everything from paying taxes to renewing a driving licence less annoying.
“Very impressive for sure," you’re not doubt thinking, “But transforming the state?!”
This is where we enter the realm of informed speculation.
If you want to get a sense of where I think all of this is going, then the one book you need to read is Platformland, by Richard Pope.
Pope is, appropriately given his name, something of a spiritual leader for government technologists. He worked at GDS right at the beginning, and was an architect of many of the principles that transformed how the government does digital stuff first time around.
He was also an early advocate of liberating the Postcode Address File.
But even more important than that, I understand that Richard was also involved in putting together the digital government blueprint – and if you read both it and his book, you can see his fingerprints all over it. And this is a very good thing.
The book, unsurprisingly, articulates many of the same ideas that – but is a much better read, as it has not been drained of life by government press officers.
For example, when describing the “tell us once” idea described above, Richard says that “every time a form that could be filled in by a machine is not, we should see that as a theft of time from the public”.
And at another point, he says “if they are poorly designed, digital services can end up resembling a ‘denial of service attack’ on our brains.”
Anyway, my point isn’t just to say that I loved his book, but that it also does something the blueprint merely alludes to.
For example, in one section, Richard paints a picture of a future where you might log on to the GOV.UK app, and it shows you a list of notifications that are relevant to your life: It tells you when your next welfare payments are due, it reminds you to renew your driving licence, it offers updates on a planning application near your home – and it knows that you have a child starting school soon, so helps you add details related to your child’s school to your account.10
This might sound simple to describe, but putting all of this information in the same place isn’t possible with existing government systems. But if these systems can be joined up – suddenly this sort of capability doesn’t seem like science fiction.
I think this is why I think the blueprint is important. It’s a mandate to break apart government into building blocks – which can then be used to build new things, more quickly.11
And if the vision alluded to in the blueprint, and articulated in Platformland can be realised12, it could be an enormous boost of Britain’s state capacity, and make the government work much more efficiently – at the same time.
For example, think back to the pandemic. As Robert Colvile observed, the government’s response was essentially limited by its databases.
The reason the vaccine rollout was such a success was partially because it was a relatively simple database problem: Everyone already had an NHS number, and all vaccine clinic staff needed to record on their iPad was a tick against your number to say you’ve received the vaccine. Similarly, in terms of appointment booking, everyone received the same treatment – further simplifying what needed to be built.
But similarly, the reason why the economic response was more controversial, was because the government only had the blunt instruments of the PAYE and self-employment income databases. Which meant that there were pockets of people who got screwed by the furlough or self-employment support system, because of their more complicated circumstances.
Now imagine if we had the government described in Platformland, where the functions of the state have been transformed into components and APIs. If there was suddenly an emergency, like a pandemic, it’s suddenly much easier for a much smaller team to piece together new services at speed, to meet changing circumstances.
In other words, by rebuilding the state along the lines of these new digital principles, suddenly you have a state that is more responsive, more capable, and better able to deliver for its citizens.
Every DOGE has its day
I suspect if there are any GDS people reading, then approximately every single one will be unhappy with the DOGE metaphor I used to frame this piece.
And I admit that I am being deliberately provocative because, well, it tricked you into reading three thousand words about reforms to the technical underpinnings of the government’s digital services.
But I really do stand by my claim that the digital government blueprint is significant – and could remake the government, by improving the state’s capacity to deliver. I suppose the newly upgraded GDS is more like the anti-DOGE, in that sense?
And if the vision is achieved, it will genuinely affect how the government works and the state plays in our lives.
For example, could it lead to the state playing a more paternalistic role, if government services are keeping closer tabs on our lives? Would it be weird for the state to proactively recommend benefits to apply for given your circumstances?
Similarly, perhaps a rebuilt government could raise the expectation of transparency in how government services operate? In Estonia – often cited as one of the leading nations for digital government13 – whenever your data is accessed by a government department, it is recorded on your account, and you can log in and see which bits of government have been looking at your data. Perhaps we’ll start to demand similar accountability here?
Or could it change the power relationships between government departments? Traditionally, Westminster has been a deeply siloed place, with beef between, say, Transport and Treasury just as important as the beef between Labour and the Tories. So what happens when there are common components acting as gatekeepers across departments? In the last few weeks, Elon Musk has vividly demonstrated what happens when a payment system is centrally controlled.
And then, of course, there is the perennial question of privacy. If more government services are joined up, does it increase the risk of a “papers, please” society? Or is it worth the trade-off given the utility of connecting databases together? In fact, some advocates of Digital ID like the Tony Blair Institute have already identified One Login as the seed from which a fully-fledged national ID system could be built.14
So could the blueprint eventually rewrite the ‘social contract’ between the citizen and the state?
These questions are all much bigger than this one essay. But if the blueprint is successfully implemented, these are all issues we’re going to have to think about. And it all will have started with a simple login system.
Phew! Holy hell that was a long one this week. If you read this far, then you definitely enjoy my work. So make sure to subscribe (for free!) to receive more takes on politics, policy, tech and much more direct to your inbox.
Amusingly, I understand that the civil servant who under the last government was tasked with managing the break up of various digital functions and moving bits and pieces to different departments, is now the same person tasked by the current government with bringing all of these functions back together.
I know that you use a password manager, and I agree – everyone should. But the reality is that most people don’t, and many will find the idea completely incomprehensible. If you don’t believe me, try to explain a password manager to your parents.
Here’s a footnote to acknowledge the failure of Verify, a whole other tale I do not have time to go into today.
It goes without saying that the actual picture is wildly more complicated. Some services are all-singing-all-dancing modern services built to modern standards. Some are creaking old databases with a slick modern UI slapped on top. Others are little more than a form that when filled in triggers an email to a civil servant, while pretending to look like a real digital service.
I know these individual services may not need your address, per se, but I’m trying to paint a picture here! Maybe say “profile photo” or “display name” or something, but it makes the analogy slightly harder to follow.
Amazingly Tell Us Once actually pre-dates the creation of GDS, and was initially the work of DWP.
If this wasn’t already extremely long, I’d explain the incredibly clever way One Login verifies identities. Maybe something for a future post.
Incidentally he’s married to Jennifer Pahlka, who went on to create the US Digital Service, which is now DOGE. Full circle!
Maybe it could also show you how many points you have on your Posting Licence.
This is a well known idea in the tech industry, and has become known as the “Bezos mandate” – named for the 2002 email where Jeff Bezos famously which ordered each unit inside Amazon to build its systems so that they could be interacted with purely via an Application Programming Interface (API) – essentially a way for computers to talk to other computers.
And as a result, it means today that if Amazon wants to build a new thing, it can usually spin it up with a so-called “two pizza” team. Benedict Evans gives the example of if Amazon decided to start selling shoes. All it would need to do is to build an app that plugs into the existing user accounts system, the existing payment system, and the existing package distribution system – and it could have it up and running within hours.
It goes without saying that I’m absolutely not doing Richard’s work justice in my description of it here – it’s a big vision and you should read the book.
Though as is often pointed out, Estonia is a country of 1.3m people with a much less complicated relationship between local and national government, so of course it is good at this stuff.
One Login has been designed with various privacy considerations – such as one department can’t see the data on you held by another department. But ultimately the system does rely on the user trusting at least the government department that controls user accounts. There’s a much bigger privacy conversation I haven’t gone into here, because this is already too long – which is linked to some of the ideas for the National Data Library.
I agree with much of this, but one underplayed trade-off is how linking data across government services reduces individuals' control over their own information. This can create murky trade-offs and unintended consequences.
To give one example: I know of a public sector organisation in the health field that went all-in on 'one person, one record'. Superficially, this made a lot of sense, as it makes contextualisation much easier if you can see every interaction an individual has had with the organisation in a single list.
EXCEPT - that's not really how life works. If you, as a journalist, contact that organisation, then should that professional query really be stored alongside your personal medical data? Similar things apply to other professionals, say a headteacher contacting the service for advice about a pupil. I think most people would have a reasonable expectation of a 'firewall' between personal and professional interactions, but this was not how the system worked. This led to a load of workarounds - inventing people called Mr James O'Malley Query About the PAF, for example - that made the underlying data much worse.
Your example of not having to update multiple Google services illustrates this further. Many people have multiple Google accounts to keep their personal and professional lives separate, and they reasonably expect to update each one separately. But when the government ties all interactions to a single identity, that separation becomes impossible.
"Tell us once" can quickly morph into "tell the entire state at once" - and this isn't necessarily desirable. For example, we offer free tuberculosis treatment to everyone, regardless of whether they are entitled to NHS care, because this is the best way to protect the public. This means that there will be people in the country illegally who are sharing personal information, like their address, with the NHS. If we link that data up with the Home Office, the net effect is to prevent people from accessing treatment for an infectious disease and thereby increasing the risk to the public.
Similarly, you might register a particular, private, phone number for your interactions with services where you need a reasonable expectation of privacy - for example, if you're reporting a safeguarding concern about a member of your family. Disaster might follow if all of your different phone numbers just get thrown into a single identity - or, more likely, services find work arounds and store phone numbers in unexpected places which exacerbate the problem the data sharing tries to solve - because it becomes very difficult for anyone to reliably update all of their data, even with a single service.
So, yes - there are a lot of good ideas in here, and the direction of travel is probably right. But it’s an area that needs careful thought and planning, as these kinds of changes often have unintended consequences—especially for the most vulnerable in society. We need to be open about the fact that ‘convenience’ often comes at the cost of personal control over data. This trade-off might sometimes be justified, but it deserves far more scrutiny than it currently receives.
This is such an excellent explainer, and filled various gaps in my knowledge of how we got to here. Thank you James.