No app for that. (1).png

So, this might sound strange, but the ransomware attack that has paralyzed our city’s government isn’t a tech problem.

It seems like one, but it isn’t.

The real problem has been diagnosed – unwittingly – by the last four chief information officers.

All of them had the same three-step career trajectory:

1.  Draft a strategic plan that calls for “centralizing” information technology services.

2.  Attempt to convince the rest of city government this plan makes sense.

3.  Get fired, or quit.

The current CIO is only on step two. The very first item in his IT strategic plan: “Centralize various IT operations and functions.”

There’s no app for leadership.

See, every CIO has come to town with the same grand tech vision. It’s been seductive, because a tech solution looks sexy and forward-thinking – and no one has to get their hands dirty solving real problems.

Information technology cannot be centralized because authority and accountability are not.

But the tail doesn’t wag the dog.

Tech won’t fix a city government built of ancient fiefdoms and bureaucracy. There’s no “app” to make sense of four or five separate maintenance departments. Or, four or five different capital programs. Or, a police department that operates like a black box. (It runs on software from the 1980s, but that’s a symptom, not the disease. Most the Consent Decree implementation so far has focused on tech, because that’s the easy part.)

Information technology cannot be centralized because authority and accountability are not. We dream of transparent government, but our government is not transparent to itself. It contains multiple pools of data, siloed off from one another, with separate owners who compete for resources and control.

It is a leaky, ungovernable system, and like different doctors working off separate charts, the arms of city government go to work on a confused and bewildered patient who cannot understand why one agency paves a street only for another agency to dig it up weeks later.

What we’ve really seen in the past several weeks is just what we saw in April 2015, and, what we see during every 30-murder-month – a government deeply unprepared for real challenges.

The state of Now.

If I saw a clear path forward, I’d recommend three things.

First, use the Charter’s emergency procurement provisions and put out an RFP for a cloud-based email system from a serious provider (probably Microsoft, but maybe Google). I bet it’s cheaper to host email on our own ramshackle servers, but we can see where that’s gotten us.

Second, find every IT strategic plan and burn it. Also, ban the word “smart.” Smart City, Smarter Cities, CitiStatSmart, etc. – these are branding exercises meant to substitute for real work.

Third, pay the ransom. We need to salvage whatever we can as soon as we can to start solving the real problem. The people saying “don’t pay” the loudest are tech folks who think this is a tech problem, which it isn’t. And however satisfying the we-won’t-pay posturing has been, we have neither the competence nor resources to back up the tough talk. We’ve spent $5 million dollars on this problem so far. How about spending a few thousand more and then deal with the “what ifs” when and if they happen. (Here is a ProPublica reporter with an interesting discussion of the issue. Guess what? Most people pay up.)

But the problem is, I don’t see a clear path forward, because I don’t see accountability.

Mid-2019 looks a lot like mid-2015 — a placeholder mayor who doesn’t want to be mayor and no direction as a city. 

I could point out that, not long before the ransomware attack, the operation that didn’t run the update that might have prevented it was busy pondering how to build its own broadband internet – once again focusing on sexy pipe dreams rather than the basics. But I don’t see how this gets addressed when everyone in charge is a short-timer.

It’s mid-2019, and we’re in pretty much the same place we were in mid-2015. We have a placeholder mayor who doesn’t want to be mayor, and no clear direction as a city. 

The stakes of the uprising were a whole lot higher than the challenge posed by the ransomware attack, but both were moments of opportunity to ask, is the way it is the way it should be?

It’s like losing everything in bankruptcy or a house fire. Traumatic, disruptive, and expensive, but also a chance to begin again.

Important things could happen with leadership willing to ask this hard question, and willing to nurture, listen to, protect, and defend those willing to offer an answer.

The question: is the way it is the way it should be?

A sense of urgency should be pushing us to ask this question. And fear. Fear of how unprepared our government is, of how quickly our fragile status quo can be turned upside-down. 

A sense of urgency should be easy to come by in a city where 70% are dissatisfied with schools, and 80% dissatisfied with public safety, but sustaining it requires a faith and a belief that is perhaps in short supply – a belief that even here, things worth believing in and fighting for can break through the narrow constraints of what’s considered merely possible.

Many want to be part of the solution, and Baltimore Now has been and will continue to be an attempt to rally them. But it is the job of leadership at a moment like this to help us redefine the meaning of possible, and it’s still not clear who’s going to do it.

--Dan