Same applies to all things. Citizens and grassroots people should be empowered to have a say in how things work, quite often they know better and can say where value chains are failing. The problem so far is that nobody listens to them, they prefer to listen to the old boys network. If you step over to the high speed broadband debate on this forum you will see that another failure with inside interests driving the agenda and not delivering a solution. Agree, eHealth is a prime example of this too.

I don't think we should reduce co-creation to a government-controlled innovation in public service delivery. Co-creation is also about citizens/NGOs/private companies taking the initiative and proposing an effective solution and this way saying 'no' to the existing one (and best case scenario government taking interest in the endeavor - see Google Transit which was embraced by many transport agencies worldwide). Have a look at Chris Taggart ‏improvements in local government service delivery (http://openlylocal.com/) and his new project aimed at unlocking the business registry data (http://opencorporates.com).

Co-created services are often not aiming at replacing an existing public service, in most cases they're building a new functionality to it making the existing service more effective. For examples collaborative public complaint systems (FixMyStreet or SeeClickFix) are the way to prioritize the needs of citizens who alert their local government of 'things that should be fixed'.

Innovators often start from 'additional services' as co-creation of already established services is much more difficult a process.

Citizens should not only vote or dismiss the options proposed by the government. They have experience as users and a unique perspective to offer. On more how citizens can contribute to public e-services delivery see @osimod post http://egov20.wordpress.com/2011/11/22/6-things-only-citizens-can-offer-...

Co-creation should be encouraged from the inside (change of mindset is necessary) but also from the outside. EU Open Data Strategy is an important part of this change but it is more to be done. Other solutions include inducement prizes for innovative solutions but also 'hacking' training for young people (e.g. European version of NY Hacker School - https://www.hackerschool.com/).

This discussion seems to put many aspects into one pot and indeed creates some confusion. Interoperable eID is not about sharing a single identifier, it is about returning data and assets from administration to citizen so that they can make maximum benefit out of it.
Services and new technologies is about finding the borderline between what administration offers (and there it is about quality and liability) and what is added by citizens and others in their domain. Interoperable eID in this context is about empowering citizens to decide where eID and data can be used. Several models show that this can be done without centralization or a single identifier and is indeed returning privacy to citizen.
Most of the threatening situation we are faced with the present security situation in the internet is borne in weak identification both of services and users.
With STORK, the situation is truly to empower the citizen by enabling him or her to use high quality eID vis a vis other services/ countries etc. It is not about handing over from one authority to the other without consent or knowledge. To the contrary it is the citizen to trigger action in order to benefit from liability and responsibility of his identity provider and use it vis a vis others.

I can see that and honestly am not surprise that some people take offense in the objection to make identification determistic.

I would politey suggest that those that see this as "Freedom vs. security" discussion realise that we are way past such simple understanding.

Standards do not create interoperability if they exclude solutions to problems. And Always-Identification is only a miniscule subset of the wider group of Identity security models.

Three aspects are characteristic of this subset
a) Control over data ALWAYS transfer, i.e. it inherently create risks and dis-empowerment.

b) It create legacy as in preventing innovation and preventing security asynchroneus upgrades

c) It unnecesarily creates points of attack as the group is inherently based on reuse of keys and identifiers.

What we are witnissing is a massive mindset problem which will take time to correct. You still see security lectures claiming "Identification create trust" even though identificaiton always crete risks - it is overkill and unbalanced by design.

No they DONT - they claim to be because it is "good language", but in reality you are best case allowed to co-view on their digital surveilance cameras deep into your private spaces without ANY security.

Look to UK as an example - you have NO control and are made 100% transparant to systemic abuse of data.
http://www.informationstrategy.dh.gov.uk/

Why? Because it is in the interest of those making the systems - THEY want bureacuratic and commercial control and you just get BS. Everybody loose ecxept the abusers.

"At the same time, on the paradox of choice see this TED lecture by Barry Schwartz: "

Too much chouice make people misrable and fall in to pralysis because they have higher expetations and fear their choice is not perfect.

Sure - I accept that and knew of his points.

But politely this is not what we are talking about here. Barry Schwartz himself say that it is much worse with too little choice. Ask a prisoner who do not have the key to the door or <make your own example>.

My point is that Mandatory server-side identification is too little choice as it is in reality almost a one-size-fits-nothing. Control is always somewhere else.

Security and identity needs to fit purpose, but it does not mean that it need to fit purpose perfectly - and likely wont. it does however need to take into account the core and big issues.

Fact is - all national id card today take control AWAY from citizens - why? Who said that suddenly technology was supposed to work AGAINST democracy instead of supporting it?

In the physcial world I can buy a product paying with cash - retaining full control. In the digital world, I COULD also pay with Digital Cash - expect I do not have the choice. Why?

My point is not that we dont want better security than physical cash can provide - but why should improving payments mean dis-empowering citizens?

IDABC is dis-empowering and non-interoperable by approach. Why?
a) Because it is about making dictates about THE solutions instead of opening up for many solutions determined by the demand-side.
b) Because is has a narrow centralist view of citizens as someone to be managed. The entire eSignature / Storck approach is wrong because it focus on identification and then servier-side management and control of processes.

If we instead moved beyond Idnetification to a more flexible identity assuming each transaction serverside is linked to a pseudonym but NOT linkable serverside to e.g. national id or any reused identifier, then services are FORCED to REQUEST information FROM the citizens who

1) Is IN CONTROL of personal data both before, during
and after the transcation
2) Is able to create NEW mashup services on top of services combining these or adding new functionality WITHOUT releasing control to any intermediary.

The challenge is the proper deconstruction of identity and key management devices that are trustworthy also for service providers as there explicitly are and should NOT be any backdoors or implied "trusted parties".

If any of the fine words are meant seriously, this is the EU Grandest Challange of them all.

Asia focus on lowcost production, US on commercial ownership of People. If EU is to make any sence, we believe in people being able to manage their own lives BETTER than bureaucrats or corporate profilers - actually we has built our entire set of values on this single notion of free empowered choice.

Problem is that the technology implementation sofar has been contradicting all the fine words.

Linking Security with Economics - Re-Empower Citizens & Companies to Secure Economic Growth
http://ec.europa.eu/information_society/events/cf/daa2012/document.cfm?d...

The political "growth" discussions are primitive and counter-productive because they are limited by the understanding of equilibrium economic models - that DO NOT UNDERSTAND the importance of change in all value creation.

Instead you get keynesian "kicks" that do not work. They focus on either scaling the demand-side (debt-financed demand leading to ever-bigger financial crises to create growth) or Invention (e.g. research incentives) - instead of removing barriers to innovation, promoting change and empowering citizens.

Empowerment has several layers and often all the emphasis is on citizen "ability" (of e.g understanding or funding) forgetting the fundamental Citizen POWER over money and - more importingly - personal Data that is really essential when we focus on economic impact.

What does it mean ?

It means that no operational reuse oif personal data CAN occur unless the citizens actually wants it and if so the citizen still retain control over data both pre-, during and post-transaction..

How - instead of eIdentification, you incorporate security through using different empowered Identities for different transactions and ensure ONLY the citizen herself can transfer data between different Contexts simply because they do not share any common identifier.

You need it
- for economic reasons (emPOWER free choice)
- security reasons (hackers are dis-empowered)
- privacy reasons (create contextual isolation)
- to counter behavoural profilling (cannot link across purpose)
- as a pre-requisite for cloud (no security in cloud)
- for basic rigths reason (Privacy by Design)

Citizens wants it
http://daa.ec.europa.eu/content/cloud-require-empowerment-pre-requisite

Notice - there is ZERO value loss, only value creation and drastic improvements in security and competetiveess - citizens get enforced access to data and can generate any combination & reuse herself - if the value is sufficient.

The ONLY problem - bureaucrats & Commercial infrastructure dont like to loose control over citizens, but that is EXACTLY what is needed to break the Command & Control failure.

I am not sure I answered this properly?

It is as simple as identity support structures should enable citizens top create and exclusively maintain control over subsets of data related to different purposes (transactions, relationships) only linkable to a purpose-specfic pseudonym. That is what I call a Contextual Identity

There are lots of technical issues which goes beyond a forum like this.

But the essense is to eliminate the trade-offs and empower citizens in relationships - both to access data and to control reuse (moving data verifiaible from one pseudonym to another).

An example is a University Degree, this is issued by the university in one Context (A) and can through cryptographic means be proven in another Context (B) relating to the same citizen without linking the two Contextual Ids.

If B wants additional data, there is only one way to get them - Ask the Citizen to provide them through a Request for Data. The Citizen id devices can then search its history and get the data.

If B does ANYTHING that displeases the Citizen (spam, bad products, bad service etc.), the Contextual Id can merely be revoked thus the Citizen can exercise real Power over serviceproviders.

Of course Citizens cannot Reoke th Contextual Id if they have entered into a binding contract with obligations as that would incorporate security credentials that the citizen can not just revoke.

This is what we can call true Empowerment even through the terms has been used on many layers from the low-level security over tools and knowledge/understanding to transfer funding.

Citizens can share data freely, but never loose control. Service Providers can do the same as no third party is able to steal their customers when the Contexctual Id is locked to the Service Provider and 3rd party services cannot identify the citizen.

RIP Behavrioral Profiling
RIP "Privacy" discussions.
But first and foremost this will enable economic growth as value chain recover from the present distoretions in infrastrcutre intermediators such as Google, payments, telcos that all try to own citizens etc.

I am sure, Stork did and are doing its best.

The problem is in the mission statement more than in the way, it is carried out.

To me, identification is a simple attribute of an identity that should in principle never be exchanged in other than person-to-person interactions.

The concept of "secure identification" in my understanding does not make sense - secure for what? The data related are made vulnurable BY the identification (wouldnt without identification), the person can be targeted and tracked, the service provider Customer DB gets profiled from infrastrcuture, reuse of keys always represent a risk of man-in-the-middle or other kinds of identity theft etc.

But the worst part is that the standard etablish a bottleneck that create one-size-fits-nothing. We cannot credibly secure a transaction after identification has occured - it simply cannot be done.

Yes - and your point?

Given the mistaken mission statement, Storck dont do to bad - sure..

It’s not the first time someone expresses his fear for STORK being some surveillance tool. Frankly this surprises me: I can’t imagine the EC and several European countries collaborating in a tool to spy all use of its citizens of personalised services on the Internet. And worse, proudly present such a spying tool! I guess that nearly all EU citizens would not expect their governments to build such a tool.
The first time someone expressed this fear was during a presentation some 3 years ago, when little was known about STORK. At present all STORK documentation is publicly available at its website http://www.eid-stork.eu. In this documentation you’ll find that over 100.000 European citizens have used its services and the majority was satisfied with this experience. This for sure is a good reason to proudly present one of the outcomes of the Competitiveness and Innovation Program, don’t you think so?

This is really a very valid contribution, getting back to the topic ot the blog.
Not "STORK is bad" because of <slogan>, <other unfundamented accusations>, and <business-bingo phrases>, which we don't want to explain, and neither do we want to read the docs. BTW I would suggest the moderator to eliminate all STORK related comments, as they don't have anything to do with the real topic.
The real issue of this blog is exactly what Paul Timmers expresses. If all CIP and FP7 projects have their own channel to receive comments from citizens, what could the EC do to improve the contribution of citizens to EC projects, to make sure that these initiatives connect more to them? Is co-creation the best terminology?
I know that EC through their Project Officers and Review teams supervise the projects, and not only the technical (and security) contents: also the value for the EU citizens.
As I'm on the inside, maybe I don't see the world the same as others do, but what do others see as tasks of the EC / EU? THAT's the big QUESTION.

Innovative ways to involve the citizen?

>> Co-creation always existed in some way or another, but now with digital and social technologies it can be amplified and accelerated.

I am wondering practically which kind of approach could be used to involve the citizen.
Should we think about very innovative approaches such as Prediction Markets ( http://en.wikipedia.org/wiki/Prediction_market ) to help to identify trends that matter?
Should we try to use (serious) simulation games in which the citizen would be able to get an impression of a consequence of an innovation?
We may also involve the customer via organizations that represent them (that are for instance are relatively strong in the US if I am not wrong).
Any idea on this? (making use of the social process)

Note:
We should also understand what we expect from the citizen, since there is still some limit in the concept of "listening" to the customer that has sometime be exaggerated (for instance radical innovation is often something not fulfilling an existing need, but offering something totally new and not originating from decoding the collective mind of the customers).

We can and must do better. New technologies like chemometrics will radically change healthcare, but only if we allow it and facilitate it instead of using technology for bureaucratic centralism who consistently design for Dis-Empowerment.

I hear your words addressing one of the core problems, but consider them a representation of what I call a bureaucratic "First order Syndrome".

I will point to this attempt to get back on track in the discussion
http://daa.ec.europa.eu/content/first-order-syndrome-shorterm-vs-effecti...

"Enrichment" is ignoring the facts and consequences, when "Co-creation" is nothing more than outsourcing data-entry while centralizing process and data control even further.

Processes will not become more effective with surfaces outsourced when value chains and processes are even more rigidly fixed instead of controlled and governed by demand-side choice.

And then on top of this - "obligation" - which in the present approaches are nothing more than pushing responsibilities to citizens or points of service while centralizing the controls.

Healthcare could have enormous improvements - but will likely not due to Command & Control thinking and accumulating legacy.

It is a clear sign of Bureaucratism and ideology, when the argument turns towards distrust in citizens instead of enabling. When claiming choice is wrong, impossible, undesired or even impossible, it is nothing more than the will to rule citizens being expressed. Usability matters and we are all so specialized that we need help, but this is a poor excuse for dis-empowerment – to actually take choice & control away from Citizens.

The public sector consist of many very different activities with very different requirements and challenges, but Europe and EU have been failing to use the digital opportunity to Empower citizens - It is about MANAGING CITIZENS instead of Empowering them to pull the system around.

The right to say "No" and to offer and choose the better causing constructive change is the very reason we came out of the Middle-ages of feudal power structures. Choice is the very essence of Single Market and fundamental rights - and once again being slain by interest in power, prestige and profits in yet another self destructive circle.

I am asking the question - why should it even be possible to look up a specific citizens Healthcare file instead of asking - unless you already are involved in specific treatment?

Citizens herself have and should have a lot more data and just needs to have tools and rights to control and reuse them without all sort of 3rd party profiling and interference.

Instead of searching for arguments to benefit the bureaucrat centralist approach ignoring the escalating and accumulating Command & Control inefficiencies, lets ask how we deal with the real issues with Empowerment and economic growth in focus.

There are demographic reasons behind the growing healthcare costs - but the primary reasons are more simple - focus is on managing the disease treatment factory instead of empowering the selfish interests in not getting sick in the first place.

The road to hell is paved with sweat words of intentions to sell action with negative causality. You may even believe the words because of some positive claim picked out of context.

Managed citizens don't make effective society.

I am suggesting an alternative that is not ideological privactization. We should chose and design for citizens instead of chosing between government or corporates.