Dave's Blog

The roll-out of the City of Pittsburgh’s new website last year was a relative success, but user errors caused headaches during the first weeks post-launch.[1] It looks as if the city struggled in two key elements of the launch: internal communication and data gathering.

The redesign of the City of Pittsburgh’s website involved moving a slew of city services to the new platform. The city should’ve done a better job engaging with key stakeholders involved with each online service to make sure the new site would work properly. Instead, “Burgh’s Eye View,” an application that allows citizens to use live data the city collects, didn’t work at launch. (Fun fact: Mayor Peduto developed this idea with the help of the Bloomberg City Leadership Initiative). This malfunction wasn’t even due to an issue with the website, but an internal problem with the Innovation Department. Still, the city could’ve very easily pushed back the launch if they had better communication with each of the departments.

Additionally, the city incorrectly tried to collect the majority of user-data and feedback post-launch. In simpler terms, the city planned to have users discover bugs after the site was launched rather than before. Instead of waiting for user headaches and frustration, the city could’ve very easily ran tests with groups of people or even created a minimum viable product of the new site. It’s good that the city is collecting feedback and is willing to be agile, but they could’ve created a better product to begin with. The City of Pittsburgh’s new website generally helped improve the user-experience for the average Pittsburgher, but the initial roll-out could’ve been improved.

[1] Colin Deppen, “You may have noticed some issues with Pittsburgh’s new website. The city’s working on it,” The Incline, August 25, 2017, https://theincline.com/2017/08/25/you-may-have-noticed-some-issues-with-pittsburghs-new-website-the-citys-working-on-it/.

In the short term, Secretary Sawhney needs to schedule a meeting with the heads of Facebook and WhatsApp looking to regulate the content available in India. They can quickly develop ways to censor harmful content – especially in a dangerous situation such as this. Tech companies have already developed strategies using artificial intelligence to combat terrorism on their sites. Sawhney can use his resources to point out specifically harmful elements of content on social media and guide the focus of this technology. This technology should quickly pick up content related to these rumors about kidnappers.

A friend of mine at HKS mentioned how Facebook adapted after the 2016 election. They had an agile process of monitoring these elections that kept changing with each passing election. It’s still a process that’s being developed, but Facebook is making strides towards reducing harmful impacts they may have on elections.

Yet, Facebook was driven to make this change with the proper motivation: threats of U.S. Congressional regulation and widespread public dismay.

While Secretary Sawhney is speaking with the heads of WhatsApp and Facebook, he needs to do more than address this short term concern, but start to address social media into the future. He can influence tech companies using two different tools: possible sanctions and domestic competition.

Regulating tech companies, especially social media platforms, is becoming a popular idea around the world. For a long time, these platforms have operated in an unregulated space free to create whatever they could imagine. This helped lead to the massive expansion of many social media platforms around the world. But as they grow in size, these platforms have started to have an outsized effect on society that may require regulation.

The EU has been leading the charge against tech companies. Germany already instituted a hate speech law fining companies up to 50 million euros if they don’t remove harmful content within 24 hours. Many other countries are similarly in the process of regulating companies like Uber, Google, and Facebook. And it makes sense! These are American companies so EU governments don’t even make much money off of the companies.

In a similar move, the Indian government can start creating legislation to regulate Facebook, WhatsApp, and similar apps. In exchange for more lenient legislation, the Indian government can ask for some sway into how these companies regulate content. So beyond dealing with these imminent attacks, the Indian government may be able to prevent similar problems down the road. Also, tech companies will likely be willing to play ball because India is a huge market…over 1.3 billion people. They will likely not be willing to lose this market or have very tough regulations in exchange for maintaining the “integrity” of their services.

Also, the threat of local competitors may make tech companies more likely to listen to Indian government regulation/input. India should start to make the tech space more competitive by using things like subsidies to help local tech companies compete. They can even use these funds to create their own platforms (in a similar vein to China). Companies like Facebook and WhatsApp will want to remain competitive in India, so they will likely listen to requests from the Indian government. If not, India can say that their own local versions of platforms will be developed shortly. Thereafter, India could just ban these platforms wholesale in favor of their own. This is an extreme threat, but tech companies like Facebook and WhatsApp would likely not want to test the veracity of these claims and instead listen to Indian Government input.

Overall, a conversation with these tech companies right now would probably be productive. No one wants people to die. But to exert long term control over tech companies, the Indian government can regulate these companies and support local tech development. This will pressure companies, like Facebook, to play ball with the Indian government to keep this market.

As an aside, regulation is a double-edged sword.

It could actually help these tech companies. Television networks pushed for a uniform regulation in the United States back in the 1980s. The idea was that this would help them avoid managing differing regulations in each region of the country and develop a common set of standards. Also, negotiating regulations with the federal government helped both sides work through key issues like consumer protections. Eventually finding a middle ground of agreement, the 1984 Cable Act helped spur massive growth of cable in the United States.

Yet, it may threaten net neutrality that helps all people have equal access to the internet. If governments negotiate with tech companies, maybe even playing favorites, they will determine the winners and losers of the internet as well as the content available. This could be a slippery slope towards a very regulated internet based on government interests. I think this is an extreme outcome, but this initial regulation would be a starting point.

Two applications that constantly use my data are my Nike Fitness app and Uber. I primarily use my Nike app to monitor my mileage while running. A similar app, the Health app on my iPhone, could perform a similar function. Yet, I appreciate that Nike provides many more services. It tracks my pace, my location while drawing out a route map, and also allows me to publish these results to a community of other runners. I do worry about how Nike protects this data. By keeping track of my location and running routes, it’s very easy to tell where I live. Also, if I share my progress through the social media element, I am exposing some sensitive data to the general public.

Nike claims they protect the privacy of members using this app. After two years of inactivity, they aggregate your data, and after five years, it is deleted. This is assuring, in a sense, but I know it can’t be very secure. For example, my own MyFitnessPal data, a service run by Under Armour, was hacked just this past year. Both Nike and Under Armour are two huge apparel companies seeking to use big data to better match consumers to products, but that doesn’t mean they know how to protect it. I assume Nike is just as vulnerable as MyFitnessPal was. Also, I predict Nike uses this data to target advertising to my “athletic profile.” Even though they “protect” my data, that doesn’t mean they don’t use it themselves to better market to me.

Yet, I am making the active choice to sacrifice security for usability with this app. For example, I could use Apple’s more secure Health app. It only tracks mileage without keeping track of my running routes or providing the community forum. While my iPhone is still tracking my location, comparatively, the Health app leaves me less vulnerable. Yet, I’m making the conscious choice to favor usability over security in my Nike app.

I also think it’s important to recognize the awesome right I had to make a choice to opt for Nike’s app over Apple’s. Health is pre-loaded on iPhones and is really not updated enough to compete with other fitness apps. Just because it is in my phone, doesn’t mean it will be my first choice. In a similar misstep to Mark Zuckerburg forcing people to use Facebook apps with Internet.org, I chose the Nike Fitness app over the Health app Apple pushed on me. This is because the platform itself, my phone, allows others to create better solutions to my fitness needs than Apple could’ve realized when it built its app. Nike adjusted to be better than Apple could’ve known, and that’s the point! Yet, this adaptation also meant more of my data was being used.

Underlying this choice is the importance of net neutrality: the concept that Internet Service Providers have to treat all web access the same. So a company, like Apple, can’t just pay to have their apps run at a faster speed in order to gain a competitive advantage over other apps. For example, if the internet was too slow on my Nike app to give me real-time results, the Health app would be my choice. The ability to make this choice in a fair market is important so I can have the best possible app or internet service every single time. More broadly, it’s important to have competition so that small companies can challenge the giants. As a consumer, competition can help keep giant companies in check – avoiding giant, unresponsive monopolies from forming.

Another vastly important app that keeps data on me is Uber. It tracks my location, keeps track of what city I’m in, and even saves locations that I frequent. Similar to the Nike Fitness app, I am very pleased that Uber monitors my location, favorite locations, and recent activity. It makes the app more user friendly. For example, if I want to go home, I don’t even need to type in my address. I can just look at my recent locations.

First and foremost, Uber uses my data to improve its services. From tracking wait times, to the time it takes for me to reach locations, this all helps Uber better understand its customer. While this may help the app route drivers more effectively or reduce wait times, it does produce headaches through “surge pricing.” The company knows when there will be peak traffic, and  up-charges to take advantage of it. Often, Uber is the most viable way around during these surged times, so people have to swallow an awfully inflated price. Yet, the ability to choose competitor Apps like Lyft and Via should help keep these prices in check. I am particularly interested to see how the growth of Via will affect Uber’s pricing.

Uber is less stringent in terms of privacy compared to Nike. They collect much more data, including demographic, device, communication, and activity data. Also, there are legitimate paths for companies to obtain a user’s data. One way that shocked me was through user promos. Everyone loves to find a promo code for a free ride or a discounted rate, but the company that pays for the promotion can access the data of people who use the code. This is a treasure trove of information for companies. And I know people don’t realize there is a transaction occurring when they use a promo code – I surely didn’t. It’s not a gift to consumers, but really a sale of consumer data.

Yet, I risk Uber misusing my data for convenience and to achieve a higher level of safety. Uber, more than a few times, has been important to keep me safe in compromising situations. I’ve used Uber to get home after a late night out with friends where I don’t feel comfortable walking or taking public transportation. Or, multiple times, I have found myself in unsafe places where Uber was my only way out. Disclosing my information is definitely worth the protection this app provides for me.

With both of these apps it’s worth considering other areas in my life where my personal data is more vulnerable. My Nike Fitness app and Uber are not the apps that concern me the most in terms of personal data. I disclose a ton of information on Facebook, Twitter, and Instagram that a bad actor could use to target me. Even my phone knows so much about me. At least I’m aware my data is out there!

LastPass is a fantastic way to manage passwords and keep yourself secure online. It was one of the first things I downloaded at HKS (possibly because it was much much easier than setting up connection to printers). Beyond the utility this application has brought to my life, it’s worth examining if this application is worth making mandatory to the HKS community.

My framework to unpack this is as follows:

1. Examine who may target HKS
2. What damage is HKS worried about
3. Ranking the significance of threats
4. Would LastPass make a difference?
5. Possible alternatives

Who Would Target HKS?

To follow the thought process of Adam Shostack in Threat Modeling: Design for Security, I’ll take a look at a few external threats to HKS first.

• Foreign Governments
• Other Universities
• Scorned Applicants/Prospective Applicants
• Journalists/Public Interest Organizations

Internal Threats

• Students and Faculty!
• Friends, Family and Partners of the HKS Community
• Unsecured Technology within HKS
• Vulnerable HKS Technology Staff

How/Why These Actors Would Damage HKS

• Foreign governments
  • They may try to tamper with the information of or spoof high profile professors and students like Sec. Ash Carter
  • Through access to normal student profiles, they may gain access by spoofing students
  • These actors may even have the capability to deny service, disclose information, tamper, etc.
  • This is probably the most high profile threat
• Other Universities
  • They may target admissions or the administration to learn about practices or admissions statistics
  • Now may be a valuable time for another university, possibly a top Ivy League competitors, to learn HKS admissions secrets
    • While recent lawsuits have forced Harvard College to release many of their admissions secrets, this rumored “Z” list may be good ammo for a school going after the Harvard brand
    • HKS could also be threatened by similar things
• Scorned Applicants/Prospective Students
  • HKS has low rate of admission to the school. This creates a large pool of upset and very intelligent students that may want to cause harm to HKS or its current students
  • In a similar vein, highly-motivated prospective students may want to learn inside tips and tricks to increase their chances of getting in

Internal Threats

• Students and Faculty!
  • This may be the largest threat to the University. With each student’s login information, they can reach a lot of sensitive information about the University or individual people. Whether the malicious actor is a student, faculty member, or outsider, they can take advantage of and target many different aspects of HKS.
  • Also students and faculty themselves have expertise and institutional know-how necessary to threaten HKS.
  • This is of serious concern because there are so many students and faculty – meaning there are so many possible weaknesses in the digital security of HKS. The security of HKS is only as strong as its weakest link.
  • This fraud at NC State only required learning the personal information of students and impersonating the University Police phone number. It’s that simple!
• Friends, Family and Partners of the HKS Community
  • They may access HKS’s system on behalf of their friends/family members. At the very least, they may learn the passwords/information necessary to spoof these HKS community members.
  • This group may have similar access and expertise as students, but are much harder to account for because they aren’t normally “listed” anywhere.

Introducing LastPass to the Mix

LastPass does a good job protecting individual people from spoofing and tampering by encrypting all of your passwords and creating a vault of passwords accessible with one master password. But is it important to add this as a mandatory security measure for HKS?

Pros:

• Could reduce the threat of illicit access to student and faculty profiles
• Proper use lowers the likelihood of internal and external threats
• In theory, a simple addition for a great deal of protection
• Targets one of largest concerns of HKS security: safety of student and faculty accounts and data

Cons:

• Miscalculates user motivation
• Difficult/expensive to institute and monitor
• Invasion of Privacy?
• Cost outweighs security benefit

Based on this list, I think the costs of making LastPass mandatory outweighs the possible security gains.

For one, I think this policy misidentifies the interests of the user. Most users don’t have much of an incentive to use LastPass effectively. For those within HKS seriously concerned about security, they often have a password manager or would voluntarily use the service. But if you don’t think or know about password security, people will most likely add the application and never use it. Security isn’t often a concern for users until their data is breached, but at that point, it’s too late. I know that Google already autofills my passwords for most sites, a setting very common among people. Why change a good and easy status quo option like this without new motivation? Just by making LastPass obligatory, doesn’t mean people’s outlook and behavior regarding personal security will change.

As an aside, the strength of LastPass master passwords can be an issue. I currently use LastPass, and the master password I initially created was not very different from passwords I used on other sites. Those of the HKS community that are most vulnerable, i.e. the people that repeat passwords or create simple passwords, will probably not use the application well. People are consistently told to create new, long, and difficult passwords to remember and they don’t. Why would they do it now with their LastPass master password? If users even put all of their passwords within LastPass, their password may just be a repeat of past passwords. While the LastPass vault is localized to your device, simple passwords still leave you vulnerable to people with access to your device.

Administratively, this would also be a tremendously difficult policy to effectively enforce. It would be very difficult, expensive, and invasive to check every HKS member’s personal device to check for the installation of LastPass. Beyond this step, HKS has no way to check if people are properly using the service. HKS can’t know people’s passwords and their strength – that would eliminate the point of the service. It’s also worth mentioning, does HKS have the right to invade people’s privacy by introducing a password manager? People have passwords for much more than HKS services, and forcing people to use LastPass may infringe on people’s personal rights.

Costs vs. Benefits

I believe the potential security benefits from LastPass are not worth the hassle of enforcing a compulsory usage policy. At its core, this policy would not significantly change the values and interests of target populations at HKS. Many people don’t want to think about their passwords or security and are fine with the status quo. Those that value security most likely would use the application without prompting. Additionally, the administrative costs of this policy would be immense in order to monitor so many personal devices.

For a great cost, this policy would maintain the protection of those that already valued security, and likely leave those that don’t care in similarly vulnerable position. This would do little to improve the security situation of the University for a very great cost.

Alternatives

• Internet fluency courses for students and faculty
  • Exposing them to the real-life digital dangers through cases and high quality information
  • Can change motivation, which in turn, could change behavior
  • For students, it could be a part of our “very mandatory” orientation
• Focus on Other HKS Digital Security Concerns
  • Address a different threat
  • Ex: Unmanned computers all over campus people can access

Let’s try to be better than Canada with our data…

Given a mandate from the Governor of Massachusetts with a budget of $1 billion, I have a plan to make the state of Massachusetts a platform. At least, I have some general principles and guidelines. Of course, in the real world, giving me, a 22 year old, $1 billion and complete freedom to transform a state’s government may be ill-advised…But let’s dive right in!

What Does a Platform Government Look Like

By definition, the platform for the State of Massachusetts would just create standards for others to build off of. To paraphrase Tim O’Reilly, this approach assumes that people provide value to the government rather than the dogma that people pay taxes and expect services from the government. My platform government would include:

1. A User-Focused website/experience
   • The entire purpose of making government a platform is to receive input and innovation from people outside of government itself. This requires government to tailor its services to users to maximize their participation. Websites and services should be easy to access, devoid of excessive questions, and empathetic to the user experience. This will allow people to maximize the platform and truly build off of it.
2. Open Data Available to All
   • This is key for participation from people throughout Massachusetts and beyond. By providing open data, which does not include things like personal data, people can use this resource to improve society. For example, organizations and individuals can build off of government data and produce apps or policy solutions to problems in society. Then government can work with these people to scale solutions based off of these innovations. Open data is key to granting people access to their government and creating an environment where innovation is possible
3. Simple Standards for Use/Regulation
   • Part of the job of government, even as a platform, is to regulate the use of its services. That being said, these should not be extremely cumbersome. As someone who interned for a Congressman, I learned the application process for services like Medicare and Medicaid stand as large examples of how NOT to do this. For example, just to receive durable medical equipment included in your Medicare, people have to find the correct page under “how to file a claim” on the Medicare website, print and fill out a four page document, then mail it to differing locations based on their state of residence. After that, waits can vary for this extremely important equipment. Check out this cumbersome process here.
   • The standards and regulations governments put on their services should be transparent, and easy to use and understand.
4.  Government as Iterative and Flexible
   • With government as a platform, Massachusetts will not be able to predict what is built off of their services. Without an understanding of what the future will hold, government needs to adapt quickly. Whatever people demand, use frequently, and innovate should dictate how government needs to change to address those demands. Government needs to frame itself as a facilitator.

Let’s Get Specific: Which Services Do I Address?

Making the Massachusetts state government into a platform can’t happen immediately, so I need specific criteria that will help me create an order of operations. Below are questions/criteria I will consider in choosing my first areas of concern:

1. Which government services are used the most by citizens
2. What government services are most criticized
   • Both of these address a common thread: “as a user, what services do I care about the most and think improvement is most necessary”
3. Which government problems burden people the most?
   • Which ones burden government officials the most?
4. What government service’s data is most useful to people/businesses?
5. What are the largest issues people have with their government?
   • Does anything relating to ease of access or user experience underly these issues?
6. What do I have the capacity to initially change?
7. What is a good service/problem to address to gain support for my grand plan, thus, allowing me more money, creative license, and room to fail

The point of this list of criteria is to determine individual/government interests, priorities, and a gauge of the government’s ability to make a change. My starting point will need to be targeted to make the largest possible impact in people’s lives with my current capacity so my platform concept gains popularity. This should help slow-moving government more quickly adopt my approach, and give me latitude to work with other issue areas in the future. My first step, more than anything, needs to make a noticeable difference in our user’s lives.

My Governance Model

Decision Structure

Borrowing the approach of a place like Estonia, I would try to create a system of shared data among each of the departments in the Massachusetts state government. As pictured, each department should have access to a common “internet” source of data once passing through certain security. This would remove repetition in the data each branch of government stores while allowing each department to benefit from the information of others.

Operating Procedure

Through establishing set standards for information, different cities in Boston could contribute data in one format on their residents that would then be available to all of the state departments on the network. This network could then have open data, with certain regulation on sensitive material, that cities, citizens and the state could access through the network. Additionally, this would connect people to State services.

People in the state of Massachusetts could access their profile of information by logging into a portal where they will have access to their data and open data of the government. This portal will grant citizens access to the services they need from the state government.

Encouraging Collaboration

People, through their profile, should be able to upload data, submit recommendations, and communicate with their local governments about concerns or ideas of service. After city review, these can be released in the common internet space for relevant state departments to review and address these concerns. This will allow citizens and cities to better communicate with state government, allowing it to be adaptive to real-time citizen concerns

This sort of plan could be feasible in the state of Massachusetts because it only has 6.8 million people. Estonia, for example, only contains about one million people, making this sort of project attainable. Massachusetts is in a similar position to make this work. This sort of coordination among cities and the state government would me much more difficult in one of the more populous states, like Texas or California. But, Massachusetts should not be too large to handle this kind of system.

My plan for the state of Massachusetts to move to a platform is aspirational, but there are key ideas than can help any government improve its services. Anything to move beyond sticky notes in government…

I’m still somewhat scarred by my consulting project for Pittsburgh Action Against Rape (PAAR) as a part of Students Consulting for Nonprofit Organizations (SCNO). They came to us seeking help with a variety of projects aimed at optimizing their advertising campaigns. In my first meeting with the client, I had the bright idea of creating a spreadsheet using census data to target their campaigns. So if they wanted to find the neighborhood in Pittsburgh with the highest proportion white females aged 40-50, they could refer to this excel spreadsheet. Of course, they didn’t have the time or capacity to ever create something like this, but they loved the idea.

I left that meeting and delegated the project to a computer engineer in my group. I told her to create a spreadsheet using census data that could be sorted by each county, then sorted by ethnicity makeup and the age makeup of women. So the end goal was to give PAAR the ability to target counties with women that had the greatest proportion of women of a certain age and ethnicity.

A few immediate issues: I had no idea how to create this template. My conversations with PAAR and my teammate never included any “specifics” about the database.

Early on in the project, I just let my teammate work and didn’t ask much about the project. As the semester continued, I started to ask more about the project, and I’d get vague status updates. I was fine with this though, because I had no expertise in the subject. I just wanted to hear that it was coming along. She could’ve told me just about anything, and I would’ve said it was fine. Because I had little information or understanding about the spreadsheet, I gave very few status updates to the client. We never discussed more specific things they wanted, or talked through the details of the spreadsheet. I just said it was coming along. Come presentation week, I asked to see the spreadsheet. My teammate showed me how the excel sheet linked online to the census data and could be sorted. After about 20 minutes of explanations about the processes and what the data that appeared meant, I thought we were set!

Yet, when we showed this spreadsheet to the client, I realized how completely misguided I was. First, they did not understand what the data meant on the sheet. Also, the steps needed to reproduce the output using different data were complicated and they seemed confused. Also, they wanted the data organized by more than just ethnicity and age – we had just not spoken about those kind of details since the start of the semester. I left that presentation so disappointed. I knew my group had the capacity to create a spreadsheet that really could’ve helped them out. Instead, we left them with this burdensome sheet they probably were never going to use. They didn’t know how to use it, couldn’t understand the output, or even refine the data in all the ways they wanted.

This waterfall project truly crashed in my face.

On a grand scale, I should’ve tried to create a more agile system of designing this spreadsheet. One of the major reasons agile was appropriate for our project was because it dealt with an unknown goal. We had never created this spreadsheet, didn’t even know what it should include, and needed the flexibility of this organization. Instead of treating the analysis, design, coding, and testing elements of the project as separate, distinct categories, we should’ve done each throughout. This would’ve improved the visibility of the project for me and our client, alerted us to issues with the spreadsheet early on, and provided enough time to go back and fix them. Instead of one big failure at the end with waterfall, we could’ve had a few small failures with agile and produced a viable product at the end.

This means that early on I should’ve asked my teammate to try and link the data for one county and show me the spreadsheet in action. Then I could’ve asked questions and showed this output to the client. Feedback from the client and me would’ve helped us better understand the spreadsheet and better tailor it to the client. This is similar to the idea of creating a Minimum Viable Product from The Lean Startup. It reduces risk and would’ve left us room for small failures in order to get a big return.

Early on, I also should’ve also tried to bridge the gap between “policymaker” and implementer. I had created a plan, but I needed to talk to my teammate that was actually creating the spreadsheet to learn about our strategy. Yet, similar to the planners in the healthcare.gov project, I had zero interest in learning the details of the spreadsheet. I had an idea, I assumed it was infallible, and I wanted my teammate to just create my vision without any growing pains or failure. This means I needed to ask about the steps involved to make this spreadsheet. I needed to know the nitty gritty details, the designer’s thought process, and have the know-how to try and help my teammate streamline our service. Instead, I remained closed off.

Borrowing ideas from the Digital Services Playbook, I also should’ve thought about functionality of this spreadsheet for our actual client. Important things I ignored: addressing the whole user experience (not just possible numbers the sheet could pump out) and focusing on simplicity. By thinking about these details early on in the process, I could’ve intelligently critiqued the projects progress throughout. For example, if I didn’t immediately understand how to run the data through the system or what the output meant, how could our clients? I should’ve asked these questions early and often. Even when I did at the end of the project, I should’ve known that my confusion would me mirrored by our clients. Instead, I kept marching down the path of making an unusable finished product.

There were many other issues beyond these that I should’ve addressed earlier, and it’s so easy to look back and critique. But it is challenging to address these issues in the moment. Here are a few things that I think may hurt me from implementing agile, flexible projects in the future:

1. My comfort with hierarchy
2. Fear of looking unintelligent
3. Lack of empathy/vision about client needs
4. Thinking my vision is a reality rather than a hypothesis

These are real issues, but I can fight these urges throughout the project. One guiding principle that will drive me is that these project plans are actually project “hypotheses” that can change. This flexible mindset will allow me to focus on these others items:

1. Failure is important and makes our final product better
2. A focus on the client’s user experience and goals needs to be consistent throughout, even if it involves changing the plan
3. I can’t silo myself into either the policy or implementation side of projects – an understanding of both will help me greatly

The saving grace of this project is that it happened in a low-consequence environment. We were doing pro-bono work for a nonprofit – they were just happy we were doing anything for them. Yet, I know that a large failure like this can be very costly in the real world. It’s just important that I apply these lessons to future projects and environments where large failures will be more damaging. At least they appreciated our work! 

Our project team at the final presentation

Welcome to Weblogs at Harvard. This is your first post. Edit or delete it, then start blogging!