High-Tech Lessons for Sacto from SF
Sacramento Union, August 21, 2008
For nine days last month, San Francisco’s state-of-the-art new computer network was held hostage by a convicted felon. Even a team of Silicon Valley’s best and brightest engineers working around the clock could not crack his code. Finally, in a secret midnight meeting at the Hall of Justice, the mayor himself convinced the perpetrator to relinquish control.
The entire episode sounds like a Hollywood thriller, complete with a shocking twist. The hacker didn’t steal access to the network; the city gave it to him. The man in question, Terry Childs, is not a criminal mastermind, but rather the city engineer, who single-handedly designed and managed San Francisco’s internal network.
This multimillion dollar government investment consolidated 60 percent of all data into a single city-run system, handling everything from email to law enforcement. Since it serves as a critical resource for nearly every municipal service, why did one man possess so much power over it? Childs ruled the network because he was the only employee capable of understanding how it worked.
This is not surprising given the complex nature of rapidly evolving technologies. Managing such technologies requires immense expert knowledge, and Childs earned an elite certification held by only 16,000 people worldwide. In the private sector, firms staffed with trained engineers specialize in helping clients run networks. Instead of hiring one of these firms, however, San Francisco decided to build and manage a network completely on its own.
For three years, Mayor Gavin Newsom stubbornly pushed forward plans to blanket the city with free municipal Wi-Fi access. Recognizing that private firms can far more effectively implement his vision, Newsom in June embraced “Wi-Fi 2.0,” referring to a thriving new private wireless venture that operates without any government funding or oversight.
In taking control of the city’s internal network, Childs believed he was protecting it from incompetent bureaucrats. Even though Childs abused his authority when he locked down the network, it turns out he may have been the only safeguard keeping it from complete deterioration—after Childs’ arrest, officials failed to back up the network properly, thus risking its integrity.
The lessons from San Francisco should resonate in Sacramento, where the long-term effects of government-controlled technology are all too clear. After years of government mismanagement, for example, the state’s email system has grown into a chaotic and fragmented patchwork of 359 email servers across 31 departments. Other vital services fare no better. Though the governor recently ordered the pay of state workers reduced to minimum wage, technological limitations render this an empty threat. The state’s payroll system runs on such antiquated code that only retirees are trained to modify it.
The San Francisco network fiasco was foreseeable and preventable. With convenient access to the world’s highest concentration of high-tech prowess, why must bureaucrats insist on reinventing the wheel?
Daniel R. Ballon is a Public Policy Fellow in Technology Studies at the Pacific Research Institute.