 Hey, I just want to say congratulations. What you are doing is awesome and amazing. It really is it's so fantastic just the work that you've been doing and My students are all in love with you. Okay. You should know that. Okay. Thank you They are just all in awe and they are all in awe and Yeah, they are they are all in awe. You really are you're doing something really special. It's really interesting Wow, it's something to to wake up to Am I how is it how are you how's it going and how are you doing? Are you are you exhausted? Are you okay? No, no, no, I had last I checked More than eight hours of sleep. So not at all exhausted I'm pre-coffeinated though. Anyway, a Starbucks coffee is arriving any minute now. I may have to fetch it and In any case, I am doing well. I'm just turned 40 and like literally yesterday and Wow, happy birthday. Thank you. And Still not traveling, but I anticipate you starting to travel around I don't know September October And the the work currently the counter-infodemic and counter-pandemic work Has been largely Automating itself. I'm not actively Working on these two topics. I'm now tackling more traditional digital service stuff and And there's a upcoming digital ministry a dedicated competent authority for digital affairs starting, I don't know probably early next year And so there's also a lot of reorganization to do Internally because currently my office is the content from 12 different ministries, which is great. It's a horizontal leadership style However, in terms of say cyber security and other more Vertical issues, there still is a need to get the required For example, the the recruitment from outside experts to get their salaries up to par and so on we fix pretty much the procurement pots But the link to local government as well as the hiring part. That's something that we've been focusing on for this year So that's a short update Interesting so you really it's kind of almost more of a talent play Where it's how can we ensure and how can we get the right talent into the sorry the service delivery side and thinking about kind of Government service delivery and how government organizes. That's like I'm like less cyber security Less disinformation. That's like what I think about a lot. So it's really exciting to hear that you're moving in that direction And is there what about Unique identifiers national IDs Platform services micro services. We've got a national ID We've got two national IDs actually three if you count the passport and Right and we just roll out a general beta of the national health IDs app based system So that instead of a IC caught you can also up in to a QR code a Toyota pay on the phone and App the ancient app has been downloaded. I don't know 10 million more than 10 million I think 12 million now so half of population now uses the app which doubles as a you know my data Authorization tool a data collision tool and things like that. And so yeah, it's been really really good because Prior to the pandemic there was almost no downloads I think it was at half a million or something But now it's been you know the top download in both App Store and Google Play for the past year And so that part worked really well And is there is there a is there a sense of building? Some kind of common infrastructure across like vertically across the government Yeah, sure. My data platform is generally available now. So people can With a single-click link through multiple data silo and download their own data and then authorize it for a third-party data collaborative Processing and so on that that the usual thing has been done But by usual I mean by you know Estonian or Scandinavian standards, but Anyway Right and and Nowadays We're moving on to the statistic side right there because the the my data the personal authorization side has been done And so the aggregation side we've just successfully did a pilot on homomorphic encryption And we're going to use that quite pervasively to decouple cloud computation with data storage because We need to interpret such that homomorphic encryption counts as on-site computing And there's also federated learning Akas split learning and many other Exciting zero-knowledge stuff from the blockchain space that we're also looking into to Basically enable integration without compromise in privacy So many questions can I keep going so many questions? With the with the kind of my my data is that is that leveraging the X-Route like did you build did you build from scratch? Is this a legacy system that's been around that you've kind of built on top of or did you? Did you pull code from somebody else? I'm curious about that. Yeah, although the underlying code we call it X Sorry t-road we didn't use X-road It's more of a you know Yeah, tip of a hat and then anything else, but Yeah, we call it t-road I guess T for Taiwan But the point here is that while the system architecture is of course X-Route inspired We we this is all like builds upon existing government service network infrastructure the GSN code and The GSN code has been powering the EDI the electronic document inter interface anyway But it previously haven't been G2C. It previously has been exclusively G2G So we're basically having the National Government Council as a G2G Pia but with the special mandate that it need to be translated into the outside third-party authorization so that when you open a bank account, for example, you can get your relevant Minister of Interior Minister of Economy Minister of Finance records through the NDC instead of Getting it from the three peers individually and so yeah, it's been a very conservative Like extension. It's not like we we scratch out any existing code But it does pave the way to future for example G2B applications Which if you're a small business owner theoretically that will enable you to Basically subscribe to do one single website and then the government tells you much like how I don't know recollect You know when I'm going to bring your trash out to to file your like environmental declarations You know carbon accounts and and all things like that because these some of these were newly introduced so people were not very much used to how to file when to file it and so on anyway And so having a single B2G Portal I think that will help a lot and we've got quite a few experience already building the tax filing system which has been API first so by changing a few parameters became the mask pre-ordering system and then becoming the stimulus voucher Purchasing system so we're going to use the same architecture that we did for the tax filing also for the Mountaineering hiking application also for the ocean that Taiwan the jovi that TW the ocean affairs Single portal we're going to use that for the B2G portal as well and that's for the next year And so the one of the points here is that because it's all open API based as in the Linux Foundation standard All the third-party developers apps Startups and so what are all free to just see our implementation as reference implementation and do whatever they want Again, that's a standard play very cool very very cool You mentioned the blockchain. I've been kind of Skeptical and would actually think I'm surprised to hear you express some enthusiasm because I guess my concern is that if you have a Distributed ledger you're really losing control and you know one could You know you kind of invited a governance nightmare in case you need to roll anything back or Make a change and or you expose yourself to attack from a Yeah Yeah, and then and then if you and if you're just using a permissioned Ledger like I kind of sometimes I kind of go like what's the point? But do you have a different take on it? So so Well, I mentioned zero knowledge and so on I refer to it as blockchain inspired Which means that for example the national health insurance still is the single source of truth But say you are hosting a marathon and you want to ensure that the participants do not you know drop that during running so you invent sorry publish Certain ranges of acceptable health values in terms of measurements so that only people in the healthy range Now the problem with the my data as currently implemented is that while you're not a doctor or nurse You will end up getting access if you use the my data authorization Getting access to a lot of quite sensitive health records as way beyond Because the marathon is supposed to be a kind of self-assessment So the scenario is not about the organizer actually doing anything with your health records in fine detail So theoretically all the my data portal should do is just to output a series of yes No, yes, no, yes, no questions or even just a single yes or no question as of whether it passes the criteria or not But currently the my data portal only copies the data. It doesn't really looks into the data and so Currently the my data platform cannot check the range for you and so enter a zero knowledge range proof So the idea is that the ZKRP is signed by the NHI itself rather than the my data portal And so the might have or is just one of the many witness of the ZKRP And so as the organizer, I only check the signature is done by the National Health Insurance Agency that's the diagnosis the previous records are within the range and I learned nothing else Right, which is why it was called zero knowledge so, I mean you can implement this in any of the PKI oriented ways with with well any amount of red tape, but the ZKRP is a Emerging I wouldn't say standard but emerging way to do distributed signing that people seem to do like And so it's basically just you know back office Automation with a cooler name, but we're not using a ledger for that Although we are using is the Indian compatible ZKRP You know signing mechanism just because that the code has been reviewed and it probably doesn't have much Security concerns otherwise a lot of people will earn a lot of money. So we trusted the code more I guess because it's a bet it But we're not actually running a public ledger or permission ledger for that We're just reusing pieces of the either in my invented technologies The same goes for quadratic voting in the presidential heck of a game We could have run it on the public lecture, but we don't but we reuse pretty much the same design Interesting This is a brief aside we actually did recollect two weeks ago. Yeah, I saw that congratulations. Yeah, that's great. Thank you so much I Yeah, Luke and Kevin. I are very excited. So Well, we'll send you another note, but we're you were really excited I'd love to switch gears to ask you about I have a research project with the Rockefeller Foundation to look at the governance of Shared code between governments. So you're probably familiar with the Nordic Institute for interoperability standards Minute so that's kind of a one model of So I'm not interested in how governments might consume say like Apache like the Apache like, you know Because they're just like they're just a consumer. I'm interested when governments are Co-owners and participating in the governance of the code itself Are you engaged in anything like that? Yeah, did anything come to mind in your work? Polis is of course the flagship, right? We are involved heavily during the You know, they're rewriting for the mobile version. We are quite instrumental Of course Colin makes the final decision of it's going to a GPL rather than being proprietary And we contributed quite a lot of localization code. We hired Penetration testers making sure that it's cyber security safe and easily self-hostable And along with the Canadian government we did a first deployments of the automatic bilingual Translations and things like that the list goes on so so yeah, Polis is certainly like that To a slightly lesser extent also sandstorm but sandstorm is special because The the company that runs it has been dissolved right can turn this now in in Cloudflare and So we had to basically take care of the governance of the individual pieces of sandstorm that we use it So it extends beyond cyber security, but also because sandstorm is a container. We also just Reuse whatever civic tech so that's very interesting because we don't have this idea that within sense from it's called gov tech because Line by line the code is the same So if people like hack em day then we package it the open source part of it up into the sandstorm Codemc markdown collaborative editor of course either calc maintained by yours truly of course is part of sandstorm And many other things that transfers this way as well But we don't control upstream, but we do need to take care of the you know usability the service Delivery a front-end Localization and things like that of the pieces from civic tech that we also use as the gov tech But we always contribute back. So I think that's a pretty good Pretty good format because the cyber security team in Taiwan like deaf core which just Won I think one of the Point to own I think and they said that sense from is very secure after flying three CV So any less secure civic tech by packaging it into a sense from is automatically more secure and so so your major contributors to the project What about the governance like do you have control over the roadmap or? future feet like what's that look like and and Yeah, do you influence it? Do you think about that? Do you want more control or is there a committee talk to me a little bit about that? my My position is always that we fork first and merge later, but we develop in the open So so we're just like any other downstream vendor We're not unlike Debbie Interesting so you're so you're participating in these but you're like kind of forking Building out your own and then making the case back So you're not actually directly involved in the governance of the part of the core project per se You're more like outsider influencers are kind of like throwing in your ideas Very well articulated in like and well worked ideas and saying hey We really think you should adopt this and and they're kind of that's right. That's right When the upstream needs a more timely help in terms of cyber security related pull request, of course That needs to be timely then we do have the developers to help them out, but we're not controlling the governance We're merely saying that your users are at risk And and is there any desire to have more influence on the governance like for polis or anything like that is like would you would you? Want to have a say well by by maintaining Operating successful forks that automatically give you a say Actually more of a say than any board of committees or whatever That that's the thing I believe in and I guess it's also blockchain inspired Yeah, I this is super fascinating it does it really It's kind of influenced through capacity So not all governments necessarily have this level of capacity that you have and so they may they may resort Yeah, I wouldn't say so because if you are even if you are merely a user like deploying a patch your engines or whatever Almost by definition you had it the capacity that that issue is just the the current hierarchy or bureaucracy Whether it operates in a way such that your local Customizations even one single configuration line changes are In the open if it's in the open the capacity builds itself if it's not in the open the capacity just with us And so I wouldn't say that Some government has a capacity some not I would say some government have the development norms that leads to capacity Interesting Okay, I want to switch gears again I want to talk about I want to ask one more thing and then I and then I want to make my other ask Because I know we have limited time. It's fine. So It's so interesting for me to hear that you're now shifting more to focus on services I always felt like you were this Really interesting contrast to kind of the digital service teams that I often look at because they're very service focused Whereas I feel you have been very Public consultation and democracy. Yeah, and and and did you ever feel Do you feel alone out there doing that work? Do you look at like the other digital service teams around the world and say I Think you're doing I think you have the wrong emphasis or is it just more like no, this is the emphasis we had to have Like no, no, no, how do you look at the others? But to answer that I need coffee. So give me like 30 seconds. I Think central central to to the To the approach that we're taking is the where we just talk about it's the fork Right forking the government and so on by making the government forkable and by having gov tech essentially forks of civic tech What we're doing is just making initial reference implementations that the civil society are still Able and much more capable nowadays compared to five years ago to fork So the mask availability map forked more than 100 different times is a prime example So so when when you approach it this way the the democratic consultation Empowerment the social innovation part and the service delivery and so on the open government parts these become the same plan because this is arbitrary distinction is because Previously the service this livery is designed for the people Not necessarily with the people and some digital service delivery teams do take a participatory design routes Policy labs and so on which is arguably with the people But what we're doing is we're designing after the people Which is very different like the people already have a inkling of an idea a prototype and we discovered them through through me in a slack channel, but also Through presidential hackathon through many other ways and then when these good ideas Start to spread we give them the state resources that's needed to scale it to the entire country But we do not take control. We may forget from here and there, but we always contribute back so the issue become a a Like citizen led or as I prefer to call a social sector first Approach where the social sector still has the agency and still has the control So even if I'm now also working to ensure the talent organization and so on that principle doesn't change not not So currently we're of course not telling the 100 or so different map of the rationing of the Masks to do anything in particular, but we do control part of the API because the national health insurance Published the API for the mask availability But when the API reviews data bias for example and the open-street map community Spoke through a legislator the minister Chen Now just said of health just said no legislator teaches So so we're open to patches and if the patches doesn't work We're also open to forks and if you view it this way then the service delivery is just enhanced consultation capability Huh fascinating But I feel like you you have all You've tackled more. I would say kind of political policy questions than just pure Service delivery as well. I think this also distinguishes your group from other groups other groups are very So on the you this was all on the foot on the service delivery side So you have this different vision there, but I feel You know you've also kind of like when I think about that the work, you know with uber going That's going back a little bit ways, but you've done more kind of Do you think do you think this is important for digital service teams to be tackling or is this something that's more unique to your role And you don't think is replicable by other groups well, I Think service is in service of Whatever that people feel is as important like the original gds was solving the problem of the Digital teams within each agency were not in power and certainly didn't have budget that leads to a degradation of the service quality That's the original gds question And the austerity measures and so on gave them the political moment So they also have a political play there, but nowadays I would say it's not a primary concern now if you ask any random Municipal public service like whether you know stuck in active X is still your number one concern It's probably not there's no concern now, right? Did their concern has has shifted nowadays? They may tell you that Polarization and rampant conspiracy theory is their number one concern or they may say that they have Science to communicate to people but science is too hot. That's one of the popular concerns as well that we hear across the globe And more yet sometimes they would say oh, I have this really great idea I know how to implement it, but the red tapes Prevented me to procure my own solution, right? So that's that's another thing and it's about not the traditional system integrator startup Like opposition because that's easily solved by being API first but rather How the public sector views itself vis-a-vis The private sector because the the cobit has shown that if you give governance give control to the private sector blockchain included You're not likely to reclaim it back But sometimes for counter epidemic you have to do something anyway And and so that capture is fresh in many public servants mind as well And so our solution here is of course social sector led right you give special Treatment to everyone which sees to be special treatment And so the initial implementers are not your vendors rather. We are their vendors is reverse procurements And so and so so I would say that all these Shares the same principle that we work with at the public service We are the public servant of the public service and whatever the career public service are the most Difficult to interface with the citizens. That's where we start to build the listening a scale Utility so it's in a sense situational application. I don't have a roadmap whatever emerging issues that Threatens to eradicate or decimate like cut by 10% the trust the mutual trust And I I help you something that help the public service to trust the citizens more If you could tell if you could say something to all the heads of the digital public service organizations around the world What would you want to say to them? What's the advice or what's the caution? What's the warning? What's the opportunity? What would you want to say to them? Well, I'll say Ring the bells that still can ring Forget your perfect offering There's a crack a crack in everything and that's how the light gets in our internship program It's literally called ray rays of hope rescue action by youth Getting the young people to work on whatever digital service. They don't like and then contributes better designs and then work through the usual design Elements within a couple months and then they get to work with the public service Because of the problems in the service in the digital service It could be the lack of horizontal integration. It could be a lack of Accessibility could simply be that the people prefer a different mode of interaction compared to the public service and so on But the ray program that the main Call to action is simply that anyone can look at those cracks and everything and it's everyone's business And we need everyone's help. So this is ray of 2020 and this is ray of this year, which has started this call to Participation and it's been quite popular with people in service design and so on usually graduate level students Some of them even become full-time staff members. Yeah so This call is being recorded Um Can I use this call as a opening introductory comments at the digital service? I'll just publish it to YouTube under creative commons attribution. So you do whatever with it. We're very fork fork friendly And you know Minister I just say I think it was ten years ago that you interviewed me. Yep when I happened to be Now I get a chance to interview you. I feel like I'm winning I got the better interview that you got so Hopefully at some point next ten years. I can up my game and we can do it again. I can try it out Definitely Definitely, yeah, really looking forward to and by that time 2030, right? The global goes would have been met So it would be a really good interview I hope we can talk again soon again I'm so impressed with what you're doing and would love to talk to you about it more So I'll reach out again and see if we can find some time, but I know you're really busy Sure. Yeah, and so till next time then live long and prosper Yeah Take care