A bunch of the folks in this article are Y Combinator or Google alumni, and we're giving a talk on Saving HealthCare.gov next Thursday in SF for anyone who's interested:
Let us know if you have questions! Or if you want to help.
UPDATE: we seem to be sold out. Trying to find a larger venue. In the meantime, feel free to sign up on the waiting list and you'll get an email as soon as we find a room with more capacity.
How do you, as technologically savvy people who are in a better position than most to understand the grave transgressions of the NSA, reconcile your support of an administration that has shown complete disregard for our privacy and civil liberties (specifically within the scope of the NSA/Snowden scandal) with your inherent duty, as an engineer of powerful systems, to above all further the public good? As a subtext, what are your thoughts on continuing to further said administration's political aims in one arena while they restrict your rights and livelihood* in another?
Furthermore, and more on topic, what steps have you taken to place privacy concerns at the forefront when creating a service that consumes vast amounts of personal and medical information from millions of people?
Last, as someone who has been "on the inside" do you see corruption as a large problem with government procurement? To what extent did corruption create the situation that you were called in to fix with the original HealthCare.gov fiasco?
*assuming, of course, that the NSA/Snowden revelations have hurt US tech interests
Edit: Mods, if you disapprove of this comment feel free to delete it. That said, I think these are some important questions that need to be asked.
You can both support building a tool to give people healthcare and be against government surveillance. Most people are able to compartmentalize their support or opposition for various government policies and do not see the doing of one thing they don't like as a reason not to support any other thing the government does.
That's kind of my question though, is how do you compartmentalize that? This may be a personal character flaw, but I definitely wouldn't be able to.
The NSA revelations aren't just some small political transgressions, this is a rather world shaking development that shows we have been subject to vast, malicious (i.e. not for our good but for the good of others), and illegal surveillance that has steadily eroded many of our God given* rights and liberties. On top of that, this is something the administration has wholeheartedly supported and gotten in bed with, and shows no signs of turning back (beyond token political acts that will in the end accomplish very little, if anything).
So, wouldn't you question further actions by someone who has proven themselves to act against you so wholeheartedly? Myself, while I normally would have been overjoyed at a healthcare overhaul in this country, am now extremely suspicious of the motivations behind it. Why would this administration act in our favor when they have been acting against us for so long?
Thus, my question to brandonb :)
*as per the Declaration of Independence
Edit: I would say a good analogy would be: Assuming I were Charlie Brown, at what point do I begin to doubt Lucy's psychiatric advice when she's pulled the football out from under me so many times?
The government isn't one thing. It might be worth doing some reading on systems thinking, for instance some of the writing by Donella Meadows. People inhabit a government system and they either set boundaries for themselves, or have those boundaries asserted onto them; boundaries between their area of influence and other areas of the system they consider out of bounds. If they didn't, no one would be able to focus and get things done.
People often think that the failings of a system are chiefly because of the motivations of the actors in the system. But what's more accurate is that the failings are often because of the structure of the system, and the inhabitants often don't feel they have the ability to change the structure.
The least effective way to change the behavior of a system is to twiddle the various buttons and knobs that each inhabitant has ready access to. The most effective way to change the behavior of a system is to change the overall goal of the system, which would necessitate a complete restructuring.
So that's why it is easy to believe that various NSA wrongdoings aren't entirely because of nefarious motivations (although that is probably part of it), and very much driven by system structure (log and analyze data) that simply weren't "checked" as their technological tools and abilities increased over time. What many of us have failed to realize is that our own personal security has been a form of security-through-obscurity in the past. We can put personal data up on a website and not tell anyone, and before search spiders, it might have stayed private. But we can't expect such a website to stay private these days, because of how technology has increased. It's the same with our private data, and how our browsing habits can be mined to create freakishly accurate personal profiles. There was never any privacy protection there to begin with other than obscurity, and we just convinced ourselves it was there by believing in social mores that hadn't been challenged until technology increased too much.
Meanwhile, the health system was about constructing an entirely new structure/system for health insurance, benefits, and penalties.
So... I wouldn't say it is a matter of compartmentalizing. It's more a matter of appreciating that the government is a huge collection of disparate systems and motivations, and that there can be simultaneous breakdowns and successes.
First, thanks for the book recommendation... the quickest way to my heart is giving me something interesting to read.
While I mostly agree with you, it's important to realize that a single administration (speaking directly of the President, his close advisors, and officials he has put in place) has both encouraged the NSA in their actions and also produced the ACA. At what point do we write off the machinations of a political machine as the intricacies of a complicated system, or vice versa? Do we merely ignore common threads that point to a single motive as conspiratorial thinking, or do we act assuming the worst?
I'm not so naive as to think the NSA has become what it is through the directions of a single person or group. I mostly agree that you hit the nail on the head, but the fact remains that many people in our current administration were given a high level overview of current processes, projects, and operations and gave the O.K. to not only continue in the current direction, but intensified efforts, brushing aside the consequences and ramifications that only a stupid person would have ignored. And I refuse to believe that these people got to where they are via stupidity.
If you honestly think like this what do you think people should do that live under more invasive governments ? Even most of Europe has more invasive data collection laws (in all European countries, the secret service and the IRS equivalent can tap/copy/... anything they want to without warrants, and any cooperation they request must be freely given on pain of imprisonment. Anybody who's worked at a Euro ISP knows this. Nobody ever mentions it for some reason)
All European ISPs must give a certain organisation a command shell (sort-of) that allows them to copy any and all traffic to a specific customer without the ISP even knowing they're doing it. They have to do this for free and provide free tech support. This is why cisco, alcatell, juniper, HP, ... both produce "lawful intercept" versions of all their network software [1]. Installation of these images in most of the world (not just Europe) is not optional.
Unlike in the US, the ISPs never get to see any warrants. Asking for that is a crime, that can land you in prison. "Obstructing" justice can also land both directors and techies in jail (ie. not promptly providing prompt tech support to idiot police officers who wonder why tapping an ADSL line does not tell them when the tapped person checks gmail on their phone). There are not allowed to be limitations. For example if you are an American customer of an ISP that operates in Europe, they can tap you (e.g. Liberty Global). And obviously, the government refuses to pay anything for the quite substantial effort required to implement all this.
ISPs only deal with a certain central organisation (it's more-or-less interpol) that basically gives open tapping to a list of European organisations that doesn't fit on a single page, and several organisations that aren't even European.
So given this, what do you think the entire European telco, government, and ... industry should do ? Keep in mind that people working for this infrastructure is probably around 50 million people.
> The NSA revelations aren't just some small political transgressions, this is a rather world shaking development that shows we have been subject to vast, malicious (i.e. not for our good but for the good of others)
When was it shown that this was not for our good but for the good of others? I think you may be confusing the ends and the means. If the means turned out to not be good for us, that does not mean the ends they were trying to achieve weren't for our good. It just means they failed.
Well... I'm pragmatically there's things I'm going to agree with and things I'm going to disagree with for every. single. administration. So the choices are either working within the context of the system that exists today, or anarchy. Working within the context of the system includes reinforcing the things that can positively affect people's lives (healthcare) and fighting things that can negative affect them (spying). Fighting "the system" as a whole is paramount to advocating anarchy.
While a bit brusque, this comment does illustrate that we're all compartmentalizing to some extent. Even pdeuchler, who suggests that same's lack of ability to compartmentalize may even be a character flaw...
It isn't, you're doing it already. Living and working here, paying taxes, it all supports the state to some extent.
You can't escape these dilemmas and still interact with the world in basically any way. Take any product. Money that buys avocados will inevitably support Mexican cartels. Widespread guac boycotts would just starve the farmers trying to claw towards legitimacy through economic growth.
(This is, of course, assuming this is hypocritical, as not everyone finds the spying out of bounds, difficult as that may be to conceive. Entirely separate discussion there though, one that's been trod to death on these boards.)
technically it's not giving healthcare to anyone... but rather providing a means to charge for a base-level. the healthcare law doesn't give any free handout's, even to people who can't afford the "affordable" fees the gov't charges for the base-level healthcare.
(just saying, it matters to be correct on this topic)
While I can see huge ethical concerns were this project related to the NSA, I don't think you can necessarily force that association here. While I agree with your frustration with the administration, especially with regards to surveillance and civil rights, I also would like to see the ACA do well and lead to a better life for most Americans. I don't think its wrong to want to work on solving this problem (healthcare) while disagreeing with other actions of the government, as the above poster is working on something that will directly help millions of americans. I see improving healthcare as a separate issue from the NSA scandals, and I think that, in refusing to help with fixing healthcare.gov, you are harming millions of poor and needy Americans without actually accomplishing much of anything.
"Changing it from the inside" is a carrot dangled in front of people to make them think that they can effect change by becoming a cog in the machine. First off, cogs don't change the machine specifically because they're limited in their function.
The people who join the government to try to change it from the inside are the same people who, five years later, complain that their hands are tied and they can't effect meaningful change for the better and must continue along the well-trodden path of obedience. I think Obama is a great example here, but I'm sure there are many others.
The only possible way to change a government is from the inside. Even if you have a violent revolution, what happens next? The leaders of the revolt become the leaders on the inside of the new government.
Government is not like a company you can boycott; it is an unavoidable attribute of human society. The operative questions are how are you participating in it to achieve your aims, and how effectively.
This is probably the best reply I've gotten (I've asked this outside of this thread before as well), and my response would be to ask where the line is when one's efforts stop changing the machine (to abstract the discussion away from "government", not to insult it) and begins furthering it's interests. I honestly don't know the answer, and so I ask inflammatory questions to further my understanding of the issue.
I'm not the person you asked, but there seem to be quite a few things wrong with the assumptions underlying this question.
> an administration that has shown complete disregard for our privacy and civil liberties
Is it really true that this is the case for this administration more so than other administrations? Admittedly the increase in opportunity for surveillance has been huge in the last couple decades so the quality of the comparison degrades as you go further back in time, but what the NSA has been doing seems entirely in line with what they've been doing for decades. To be clear, what they've been doing for decades is really, really shitty and I'm glad people are finally outraged, but then wouldn't your view require basically boycotting working with any administration ever? I don't think it's an unreasonable proposition to not hold hostage policies that are potentially worthy just for a single (however significant) issue that you disagree with.
> your support of an administration
> continuing to further said administration's political aims
This leads to me to my next point: it seems like your comment assumes that this was done purely out of a desire to help a political figure, instead of considering the possibility that the volunteers may think that Healthcare.gov is a worthy goal or at least that its brokenness is negatively affecting the American people (I don't think there's any disagreement across the political spectrum on this latter point). That's an awfully cynically political way to look at the world, and I don't think it's accurate to assume that that viewpoint is shared by the volunteers. I think it's probably a safe assumption that the volunteers acted more out of a desire to see hc.gov working than to see Obama's political capital enhanced per se.
Do you quit your job when your boss does something you don't like? The government will live on beyond this administration and hopefully the site will as well. I don't know what privacy you can expect when they hold the keys, my expectation would be 0. Finally, government procurement is always littered with inefficiency and occasionally large scale corruption. These questions really answer themselves.
Now if only you had asked something about technology.
Here is something that'll blow your mind: lots of technologically savvy people don't think surveillance is a policy so bad that it destroys the governments overall credibility. Some even don't see a problem with it.
If you're starting from the assumption that everyone else who is "technologically savvy" is obviously in agreement with you, then you're making a large mistake in your reasoning somewhere.
Smart people often disagree about things in this world, including in particular whether the actions of the NSA show "complete disregard for our privacy and civil liberties" and whether they're justified or not.
Also, half the idea of democracy is to compromise with other people. Thinking that people shouldn't do any work for the government because they don't agree with some of the actions of that government is ridiculous.
To make the coupling explicit, what assurance do we have that information given to HealthCare.gov won't be illegally accessed by employees at NSA and other three-letter agencies?
But how would you ever make government better without getting involved? I mean unless you are talking about scrapping the existing system and replacing it, you must be involved in order to change it.
Pretty much everything you wrote is complete nonsense. There's no relation between healthcare and spying. People don't put their medical information into the system (hello! no more denials for pre-existing conditions). "Corrupt"? Really? Then you try to shame the folks for participating but even acknowledge that inanity with your caveat. Pretty shameful all the way around.
Cannot speak directly to experience of original developers, but I could see moving target as being an issue.
Would love to see our code open sourced someday and be useful to others, especially state exchanges, but that is a long-term goal. Currently we are laser-focused on getting everything ready to ship by next open enrollment.
would be curious to get some answers as-to why this wasn't the path to building the website all along?
I mean, the original site was awarded to CGI Inc without any biding process... and they aren't even a US company. Why did we not have US professionals/companies build this thing the first go-round?
I could have imagined a High-Tech All-Stars sort of thing... each major US tech company sends 1 or 2 representatives to collaborate and work together to build this new long-lasting piece of national infrastructure.
The government procurement process is insanely complex. A full competitive bid process for something of this magnitude would have taken many months at least, and would also make it really hard for consortiums to bid because of the up-front cost. Hence the beltway incumbents (Lockheed, Northrop, IBM, and, yes, CGI though they're much smaller) have a much easier time winning these contracts since knowing how to navigate the contracting process and having existing contract vehicles unfortunately gets you a large part of the way there.
I believe CGI actually got this contract via an IDIQ, which is an "indefinite delivery/indefinite quantity" contract, allowing HHS to add additional "tasks" to the IDIQ contract as long as its within certain bounds set by the contract, and if it stays within their GSA fee schedule. IDIQs started becoming popular in the 90s as a more expedient way to contract rather than the months-long or even years-long process of a standard competitive bidding process. However, it only really solved the procurement woes for incumbents. I couldn't find the original CGI-Federal contract, but here's at least their press release: http://www.cgi.com/en/CGI-selected-build-US-wide-competitive...
Even if you don't release it until after a successful open enrollment, please record video! And please, during Q&A, remind the speakers to repeat the question so it's captured on audio! Or capture the audio from the active audience microphone!
Why does it matter if some of the people are Google alumni? That doesn't mean anything anymore, the company employs over 10,000 engineers. It's like saying that you have IBM alumni.
I see it's sold out now. Will there be any possibility of a second event or will the rest of us also be able to find out how we can help after the event happens?
This is an absolutely baffling comment. Particularly for a community (hackers) that value openness and transparency above pretty much all else. What in the world are you talking about, to a general public audience, that can't be heard by the rest of the world?
This is a highly politicized topic. Recording/streaming the event makes it very easy to take an out-of-context soundbite and turn it into a media story that actively hurts their ongoing efforts to improve the marketplace. They may want to keep the TV cameras out for the same reason they're not present in just about any kind of political discussion/negotiation; by the time anyone in government is speaking to media, the private discussions that crafted their story have already taken place. You really can't be candid when there are influential people looking to pick apart everything you say.
Recording/streaming the event makes it very easy to take an out-of-context soundbite...
I would have concluded the exact opposite. Making a full recording available allows any attempt to quote part the meeting out of context discoverable and provable. Without a recording, anyone that attends the meeting could jot down a quote that serves their purpose and report it without anyone being able to dispute the context (aside from relying on the memories of other attendees).
Damned if you do, damned if you don't. Once a juicy soundbite makes the news rounds, a release of the full-recording isn't going to change anyone's mind.
YC talks aren't recorded, for similar reasons. When you know every word you say will be potential fodder for a sensationalist news story, it's harder to be blunt about what went right and wrong.
There's a difference between talks for invenstors/entrepreneurs, and talks about fixing a massive clusterfuck of government spending.
Especially when the narrative people want to spin is "Gee golly whiz look at those Silicon Valley folks saving the day!".
Anything else is CYOA, and it'd be nice if people could actually rise to the occasion and be honest and precise.
(Besides, if you are honest on everything, and somebody just hits you out of context, you can defend yourself by providing additional context. None of this is going to matter in 5 years anyways, so might as well set a good example.)
I don't think so. The people fixing the obamacare website most likely want obamacare to succeed, and are aware that there's a hungry media out there ready and waiting for the next story revealing just how awful the original website (and, they'll insinuate, hence obamacare itself) is.
I'm not sure a quote taken out of context actually is so easily corrected within the realm of American media and politics. Falsehoods are quoted and quickly reprinted, and the truth might not be so juicy as to get the same level of attention.
I can write down an out-of-context statement and report it with or without a recording. If anything, a recording is positive because you can contest what I claim you said with a hard-to-fake, in-context version of things.
Particularly for a community (hackers) that value openness and transparency above pretty much all else
Yeah, keep telling yourself that. The hacker community as a whole "values openness" when it suits them. 90% of the time, it's tribal Homo sapiens pattern matching the markers of their own tribe while imitating the outward appearance of the 10% that truly matters.
Valuing truth over your own ego is a majority stance and a minority capability around here.
These are fair points. Let me check with the other speakers and see what they're comfortable with. It's not my decision alone.
(As one of the other comments alluded to, we're engineers, not politicians, and we're certainly not equipped to deal with the media parsing our every sentence for soundbites.)
You're talking about a government website and not recording? I am a little worried that you don't think you can be candid about what is being done with our tax money.
I imagine recording a discussion is particularly stifling when it pertains to government contracted work. In government it's all about how blame should be assigned and not about moving forward productively.
If you can't get professional to record the event, just launch a Google Hangout broadcast on the speaker's computer so the sldie is recorded, add a microphone to him/her under $20 and you good to go. If the speaker is close to the computer just use the built-in microphone.
Understandable. It's only the face and future of public heath security for the nation, there's no real reason why everybody should know what's going on behind the scenes.
I understand your concern, but how about just a similarly controlled space in Boulder? There are a few to choose from, each with adequate equipment and personnel.
There are plenty more government IT projects for them to save next. The scale of these failures is mind-boggling, and Healthcare.gov wasn't nearly the worst. Here's one I just read about yesterday, might be good for their next project:
If you're interested in helping with this or any other government project, feel free to email jobs@hcgov.us or attend the talk mentioned elsewhere in the thread! There are lots of ways to get involved.
Good idea. If you're interested in this type of thing, check out 18F, which is a brand-new engineering office run from within the government in San Francisco and DC: https://18f.gsa.gov/
One important dynamic is that contracting, due to its slippery nature, attracts the kind of people whose skill is siphoning money away from government while minimizing what they deliver.
Think about it: Even contracted physical construction gets screwed up in large scale government projects, and building good contracts about software development is much harder that contracts about physical construction.
In-house development simply doesn't have the kind of indirection where the bloodsuckers can get in.
You'll cut one kind of bloodsucker out of the loop and let another in: the kind that thrives building fiefdoms in bureaucracies.
And you're not addressing the main issue: projects being way too big and unwieldy (if now somewhat less expensive) even before they go over budget, over time or flatly fails altogether.
If the CGIs of the world actually delivered a functional product on time and on schedule, the fact that they earn handsomely in the process is at best a secondary concern. Next to the cost of the staggering embarrassment that was the failure of the first Obamacare website, whatever CGI quoted is a rounding error.
It's incredibly difficult. When government money is involved the good old boy network swings into action. Contractors are picked based on political connections first and actual capabilities second.
I wouldn't be so cynical. Contracts are really awarded to companies that can jump through the bureaucratic hoops--and there's an entire industry dedicated to doing that while over-charging and under-delivering.
We built a NEW website, and it's going to WORK this time. Not like that last time, that only took us up 30 feet into the air then dropped us. And when it DOES work, you're gonna turn to me and say, "Dude, this rocks." And I'll be like, "Dude, I TOLD you it was gonna be sweet."
No. You serve the static assets from a CDN, but the authentication and dynamic content generation need to scale very quickly when you have an in rush of traffic. This is the perfect use case for Amazon AWS (GovCloud, specifically).
EDIT: Disclaimer: I did not work on Healthcare.gov, but did study up on the entire architecture while trying for a gig on the recovery team.
It's highly variable because of the way health insurance in the US works.
There's an "enrollment" period where you can switch/reenroll in your plan. It only lasts a few weeks to a few months in the end of the year. During that period, load is immense.
Outside that period, there's extremely low traffic, as only people who have "qualifying events" are eligible to shop for insurance - if you get married, divorced, lose a job, etc.
Letting someone else figure out what to do with 95% of your server capacity for 10ish months out of the year is a pretty decent cost savings for the government, I'd imagine.
The government has their own amazon cloud, but to the point I think it actually would be better to use a virtualized setup because then you can scale power as needed and not have to worry too much about bringing servers online. Then when the inevitable slow period comes you can scale down significantly. This is my experience at least.
Well the US federal government has more resources than most so it strikes me as a smart move to do this. I suspect they were holding off announcing that they've solved time travel closer to the congressional elections to help out the Democrats but the cats out of the bag now.
How do they measure success? If something costs 1000x what it would have in the market and still strives for adequacy it's already proof of failure. If any of us failed so spectacularly we'd go bankrupt and another service would be used (and there would be plenty of choices if regulations/poor law services didn't dissuade people from creating this kind of service).
Now we have people that were productive at companies making services we pay for of our own volition spending time on this thing that doesn't work as a symptom, not a cause. So confused why this is a thing.
http://www.eventbrite.com/e/saving-healthcaregov-tickets-118...
Let us know if you have questions! Or if you want to help.
UPDATE: we seem to be sold out. Trying to find a larger venue. In the meantime, feel free to sign up on the waiting list and you'll get an email as soon as we find a room with more capacity.