Government to Business E-Services – Accountability and Trust

The authors divide their research in several phases. First, they conduct a literature review in order to identify relevant studies and theoretical papers covering the topic of governmental e-services. Then, they conduct an environmental scan in order to identify relevant governmental e-services in the EU countries. Further, the authors focus their research on eight European countries and conduct a deeper analysis of the implemented Government to Business (G2B) e-services. Research is centered on the eight G2B e-services. The identified e-services are firstly ranked according to their maturity level, and then analysed by using a developed questionnaire. The aim was to systematically collect enough information on the e-services in order to be able to conclude if the users may consider an e-service as responsible, reliable, accurate, secure, transparent and trustworthy as well as to conclude if an e-service addresses privacy issues, duties to remember, and the right to be forgotten. The comparative analysis of the identified G2B e-services in the eight European countries identifies weak spots of e-services and points them out in order for them to be improved. The identified gaps refer to the long-term service continuity plans, policies giving information on storage and preservation methods, long-term preservation of digitally signed records, use of clients’ data etc. One of the by-products of this research is a check list which can be used by the users of e-services as guidance for establishing trust in an e-service they (intend to) use but it also can be used as guidelines by e-service providers. The authors conclude that not only the comparative study provides an insight into the state of development of G2B e-services in the investigated countries but it also reveals the areas of possible improvements in the context of establishing accountability and trust in governmental e-services in general.


Introduction
From the late 1990s, the influence of ICT and its adoption in the governmental sector had a great impact on the various aspects of how citizens and businesses interact with different governmental services, resulting in new types of services being introduced, namely e-services and the development of e-government (Lemieux, 2016;Andersen et al., 2010;Palanisamy, 2004). Such developments are changing the way that service firms and consumers interact, and are raising an increased interest among researchers in understanding how e-servicing impacts on citizens or businesses, their satisfaction, their loyalty, their service quality expectations, and how this knowledge leads to better frameworks for e-service provision (Boyer et al., 2002;Rust and Kannan, 2002;Esteves and Joseph, 2008). E-service is becoming increasingly important not only in determining the success or failure of electronic commerce, but also in providing consumers with a superior experience with respect to the interactive flow of information (Rowley, 2006), being crucial in the development of e-government.
Although e-government provides a number of key benefits, many researches have shown that eservices will only be adopted if people consider them trustworthy and reliable (Caldwell and Hansen, 2010;Bélanger and Carter, 2008). According to Collesca (2015) citizens' trust, leading to adoption and use of e-government services, has two dimensions: trust in the governments and trust in Internet. Before trusting e-government initiatives, citizens must believe that government possesses the managerial and technical resources necessary to implement and secure these systems. While the use of technology can improve control in these e-government services, technology by itself is not enough to ensure trust, as observed by Lemieux (2016): "While the efficiency gains that use of ICTs in these specific areas may well have seen improvements in public sector capacity to process information, there is evidence that the overall impact of introducing ICT systems on transparency and accountability may be less than clearly positive." In the context of G2B e-services this means offering, within the government, the ability to track and monitor transactions aimed to promote the accountability and responsiveness of the responsible government department, as well as how much information an interested citizen could obtain on the selected e-service. This paper is focused on the analysis of the implemented governmental e-services of the Government to Business (G2B) type. In the analyses the publicly accessible information on e-services were gathered in order to understand if users should trust them. The underlying idea of the research is that easy access to understandable information about a particular e-service could add to the perceived trustworthiness and reliability of the service itself.

Related research
Most of the literature refers to four types of e-government interactions (Seifert and Petersen, 2002;Rust and Kannan, 2002;Evans and Yen, 2005): Government to Government (G2G), Government to Citizen (G2C), Government to Business (G2B), Government to Employee (G2E) with some sources adding two more categories (Yildiz, 2007): Government-to-Civil Societal Organizations (G2CS) and Citizen-to-Citizen (C2C). G2B e-services include all relationships between governments and businesses (private sector) including the activities offered by the public sector to the private sector via the Internet (Rowley, 2011;Evans and Yen, 2006). G2B e-services aim to handle and provide the main services needed by the private sector in the most convenient way, such as registering business information, renewing licenses and tax payments (Fang, 2002). Yildiz (2007) examined the body of literature on e-government and concluded that typical studies of e-government are either output or outcome oriented. Output oriented studies examine the output of e-government efforts, the artefacts, such as web sites and online government services, while outcome oriented studies, on the other hand, explain which government performance indicator (i.e. cost, transparency, efficiency) is improved as a result of a particular e-government effort. The focus of these two types of studies is generally accompanied by the purpose of determining best practices for benchmarking where the objective is to find successful cases to emulate (Yildiz, 2007). One of the most exhaustive reports of such type is the report Digitizing Public Services in Europe: Putting ambition into action (European Commission, 2010), a 9th Benchmark Measurement by European Commission, where 20 basic services were selected that offered a fair representation of government services in the EU27+ countries. These and other studies emphasize that, besides overcoming technical challenges such as developing secure identification and authentication systems, poor infrastructure, lack of standards for quality, design of websites/portals, unreliable Internet connections and issues related to security and privacy (Schwester, 2009;Ebbers and van Dijk, 2007), governmental e-services must ensure the level of accountability and citizens' confidence that government agencies will not misuse their personal information. Overcoming these challenges will help increase citizens' trust in e-government (Rose and Grant, 2010) since, form the users' point of view, accountability, confidentiality and the safety of citizens' personal information are some of the citizens' main concerns (Dutton et al., 2015, Albesher, 2016. In order to achieve all that, the data and the records in the e-services not only have to be available, but they also have to be preserved in the long term. During the preservation it is highly likely that the data and the records will be subjected to one or more digital preservation procedures, e.g. file format conversion, media migration, application emulation or system virtualization. From the archival point of view it is important to preserve authenticity, reliability, integrity and usability of the records (ISO 15489-1, 2001) and in some cases also the non-repudiation of digitally signed records or transactions. It is not enough to preserve data and records only as information objects. The context is important as well as the establishment of formal digital preservation processes and policies. It is because no digital archive or e-service exists out of an institution or organization responsible for them. Therefore, for the users of governmental e-services it should be important to have enough information on the established long-term preservation processes, of the methods used to store, archive, protect but also safely delete the data, of the place of storage (whether it is on the national territory or outside of the national borders), but also if there are any guarantees that the users' data will be used only for the defined purposes. Thus, the system operation transparency supports the overall users' trust in the governmental e-services.
Many citizens are reluctant to adopt e-government services due to lack of trust in them. This concern is not without merit. Citizens' confidence in government and technology is a key factor to the wider e-government adoption, and therefore new insights from the user perspective are the key in understanding how adoption of e-services could be more successful.

Method
The starting point for the research was the report Digitizing Public Services in Europe: Putting ambition into action (European Commission, 2010), that identified G2B e-services across eight European countries identifying weak spots of e-services in order to suggest possible improvements. Of the services analysed in that report, 8 are aimed at businesses (G2B): 1) Social contributions for employees, 2) Corporate tax: declaration, notification, 3) VAT: declaration, notification, 4) Registration of a new company, 5) Submission of data to statistical offices, 6) Customs declaration, 7) Environment-related permits (incl. reporting) and 8) Public procurement. These 8 services were then used for the environmental scan, where relevant governmental eservices were identified by EU countries. This resulted with the creation of a matrix of existing eservices by country. The research focused on eight European countries: Belgium, Croatia, Denmark, Estonia, Germany, Lithuania, Sweden and United Kingdom. The Croatia was chosen for comparison because the research was done in Croatia, because of the availability of needed materials, and the possibility to compare Croatia's development with the other countries' development. The other seven countries were chosen on the basis of the best online availability of the materials needed for the research at the time the research was done 1 .
The business to business (B2B), business to citizens (B2C), and citizens to citizens (C2C) e-services were not analysed because they are not considered as governmental e-services. The results and the discussion in this paper focus on the eight G2B e-services.
The key question, which was used to determine whether to proceed with the analysis of an eservice or not, was the question on the level of informatization. In order to proceed, the e-service needed to be at a maturity level 2 or higher. If it was lower, it was not considered as an e-service (Table 1). 1 Information Only information about the service is available online (e.g. description of a procedure).
2 One-way interaction Downloadable forms are available online. Empty forms could be filled in using computer or could be printed. 3

Two-way interaction
Forms could be filled in online for which authentication is needed. By submitting online form a service is initiated.

Transaction
A complete service is available online -fillable online forms, authentication, payment, delivery or other types of complete services.

Iteration
Iterative services (e.g. obligatory statistical reporting) which are automatically initiated, and are creating automatic reports on a service being completed.
The identified G2B e-services of maturity level 2 or higher were analysed in each of the eight countries in order to determine the key service components. This was used to create the governmental e-service questionnaire (see Appendix). It consisted of 52 questions divided into 6 categories as follows: 1. Basic service information (11 questions) 2. Users (7 questions) 3. Business optimization (4 questions) 4. Technological solutions (14 questions) 5. Storage and long-term content availability (10 questions) 6. System operation transparency (6 questions) The researchers used the questionnaire while trying to find whether the required information was available online (i.e. publically available) or not. There were no contacts with the representatives of the investigated e-services. The motivation for this approach was to put the researchers in the same position as regular users and to try to judge if an e-service provides the information that could help users trust the service.

Results
Next, the results of the study, which examined a total of 64 e-services, and tried to get answers to a total of 3,328 questions, are presented according to the six mentioned questionnaire categories.

Basic service information
The first set of questions was intended to collect the basic information on the G2B e-service investigated. Regarding the start of implementation, the date varies greatly from country to country. Some of the services were developed during the 2000s, while others were developed earlier -during the 1990s. The earliest one found was in the corporate tax category -the Denmark's TastSelv, started in 1995, making it a pioneer in e-Government.
The maturity level, which was the trigger for further investigation if the level 2 or higher was detected, was the lowest in the category of environment-related permits. Most of the e-services in this category merely provided a printable form, giving them a low maturity level. Only Denmark and Estonia had an e-service in this category that had a maturity level higher than 2 (4 and 3 respectively). On the other hand, almost all investigated services from the category of submission of data to statistical offices had a maturity level of 5, providing a more or less automated service and delivery of data to national statistics offices.
Users usually can connect to more e-services from a central point of access (often using a single sign-on (SSO) system), like Gov.uk in the UK, though most of them are not interconnected, i.e. are not sharing the data between services. Interestingly, Belgium and Croatia both have e-services in the category of registration of a new company which are only available to notaries and not to the general public. Therefore, further investigation of these e-services was not conducted. None of the identified e-services in the category of public procurement appeared to be connected with any other governmental services.
As opposed to the regular, analogue services, the e-services, as expected, were always available. The understandable exceptions were interruptions of service availability during the scheduled backups or server overloads. For example, in Denmark, in the context of submission of data to statistical offices, there is a notification if the server is overloaded with transactions. If this is the case, the user is informed about the next available period for job run to start.

Users
The second set of questions explored the data on the groups of users using the services, if the use of a service is mandatory, the adoption rate of analysed e-services, user age groups, user satisfaction and if the service is adapted for users with disabilities.
Most of the services listed were not mandatory for businesses as the enterprises were also allowed to submit data in the paper form. However, a number of e-services are already implemented as mandatory in some countries (the only way of submitting the required data is electronically): Social contributions for employees (Belgium, Croatia); Registration of a new company (Denmark), Submission of data to statistical offices (Croatia, Germany, Sweden and UK) and Customs declaration (Belgium).
The data on adoption rates, age groups and user satisfaction was scarce since only few countries had published any statistical indicators or surveys. Belgium states that their e-service Social contributions for employees is used by 78% of small companies, 93% of medium companies and 98% of large companies. The prevalent age group that uses the services is estimated from 18 to 65. The e-service Corporate tax: declaration, notification has 3 million users in Belgium and 4.6 million users in Denmark. As far as the e-service Submission of data to statistical offices number of users range from 6,000 to 30,000 users with the largest number of users being IDEV in Germany and the system for Intrastat Electronic Submission in the UK.
The data on user satisfaction was lacking -only two e-services had any survey data. The e-service Submission of data to statistical offices has shown that the most valuable contribution to raising user satisfaction is the possibility of using enterprise BMS' data import for statistical purposes (Belgium, Croatia, Denmark, Germany, Lithuania and UK). In Belgium, users' satisfaction is high -the users wanted a simpler channel for data submission and now they use it extensively. In Croatia, users of eUpitnik are satisfied with the modernisation of statistical surveys, and this is evident in the raise of the number of users submitting data to NSO electronically (>90%). Sweden provided some survey data on their e-service Corporate tax: declaration, notification where some disadvantages pointed out by the users were lack of a multi-language option, difficult to use for non-regular internet users, problematic codes, lack of control over users' tax affairs, declaring without understanding the implications, and the fact that deductions cannot be made.
As far as the adaptation of analysed e-services for users with disabilities, considering the fact that all e-services in this category are accessed through a web browser, we could argue that they are immediately adapted for users with disabilities since web browsers can change font size, have textto-speech plugins etc. None of the services used Flash technology which could prevent the mentioned web browsers' functionalities. The only service which was intentionally adapted for users with disabilities was Customs declaration (in Denmark, Sweden and Germany).

Business optimization
The questions in this research section aimed to find information on whether the use of e-services had any positive financial indicators for the users, i.e. if e-services could be seen as a mean of business optimisation.
Declared positive indicators were found with three e-services. Belgium reported positive financial indicators for their e-service Social contributions for employees where the e-service significantly decreased the time required for processing the user application for benefits. Sweden reported the same reduced time needed for opening a new company using the e-service Registration of a new company. Also the e-service Submission of data to statistical office reported positive indicators for both sides -enterprises and statistical offices.
The use of e-services in the business optimisation context accelerated the whole process which had an impact on contributing to faster data processing and valuable reuse of collected data.

Technological solutions
This section investigated technological solutions relevant for authentication of users, used protocols, use of e-signatures, types of applications used as well as the facts around hosting of the e-services.
There are three dominant types of users' authentication present in the analysed e-servicescombination of username and password, e-ID and digital certificates. The communication channel between servers and client stations is encrypted with SSL/HTTPS protocol in almost all countries. However, this information was not always transparently proclaimed and there were problems finding the exact information about protocols used. Digital certificates are generally used with the e-services using e-ID and m-ID and the detected formats of digital signatures in use are XAdES and XMLDSig.
Since the analysed e-services were of the maturity level 2 or higher it was expected to confirm that the users dominantly fill in and send out data using a web form. If there is an option to attach a file, .pdf appears to be the standard format. The answers to the set of questions regarding hosting of the service, in-house, elsewhere in the same country, or in the cloud, were very hard to find. Though some information was found pointing towards the fact that most of the e-services in the categories of Customs declaration and Public procurement were being hosted within their responsible institutions, no information was found on the required certificates or the use of cloud and its location for any other e-services in any of the investigated countries.

Storage and long-term content availability
The intention behind this category of questions was to investigate whether there is any information available on the retention periods and (safe) deletion after its expiration, compliance with any of the long-term preservation standards etc. in order to detect the practice of e-services and suggest possible improvements from the archival point of view.
Regarding information on data retention, expectedly a broad range of time frames apply. Thus, in the case of the UK's e-service for Registration of a new company all data are deleted after 90 days, while in the case of the Croatia's e-service for Social contributions for employees the data is kept in the system for 30 years. Other e-services fall between these two extreme examples, but for the majority of the investigated e-services there were no information available for any of the questions regarding storage and long-term content availability. In few cases where information was found, again for the Social contributions for employees, the data is stored outside the responsible institutions and the data centres are usually located within the same country as the responsible institutions -the cloud server for Croatia is located within the country, DEC is within Estonia, rvArchiv is within Germany, and EAIS is within Lithuania,. For the same category, Lithuania's e-service was the only one from all categories to provide information on long-term preservation formats and long-term preservation standards, those being PDF/A, and XAdES-A.

System operation transparency
The questions in this category were aimed at checking the system operation transparency of the governmental e-services. The questions investigated the existence and availability of the use policies, e.g. regarding the use of users' data only for the defined purposes, the possibilities of error corrections by users, monitoring the status of their application etc.
Most of the analysed e-services in all investigated categories have a defined service use policy. However, rarely those policies have any information on the guarantees that the users' data will only be used for the defined purpose. The only e-service with proclaimed technological measures guaranteeing the users that their data will be used only for the defined purpose was found in Belgium in the category of Public procurement e-service, where it is said that the data will be treated in accordance with the law passed in 1992 on the protection of privacy in processing personal data.
No information whatsoever on the existence of the requirements that employees have to sign a non-disclosure agreement were found apart from the category of Submission of data to statistical offices where such agreements are usually required by the law.
In cases of almost all e-services users can access and view their data. Also, most services allow corrections or updates of users' data and the ability to monitor the status of their application. In the case of Submission of data to statistical offices users can browse through archived and current submissions.

Conclusion
In the conclusion we will try to identify information gaps on the analysed e-services, i.e. the lack of information and documentation. Also, we will discuss the importance of the issues related to the issues of trust in the governmental e-services.
Generally, the information on different governmental services across analysed countries was not easy to find. Some data was completely missing, and often could only be found in the official national language. Even the basic information on the services, such as implementation date and the government agency responsible, was not very easy to find. The agencies rarely conducted any user satisfaction studies or collected basic demographic data on the users of e-services. Overall, while the answers from the beginning of the questionnaire were easier to find it was increasingly more difficult to find the answers required by the last two questionnaire sections.
It would seem logical that the most documented part of the e-services would be the technological aspect, as that is often cited as the central part of the e-government initiative, both in literature (Andersen et al., 2010;Palanisamy, 2004) and the adopted definitions (World Bank, 2015). But even from the technological aspect, where the interconnected e-services should, ideally automatically, exchange the data, little or no information on the kinds of technologies used for development of the e-services were available online. The availability of this information could potentially increase general feeling of trust in an e-service. The use of proprietary technologies has more potential to become a problem in the long run.
Although one can argue that technology is a part of these challenges, some authors argue that technology is probably the easiest challenge to overcome as it is relatively inexpensive and very efficient (Schwester, 2009). Therefore, government organisations should not put emphasis on IT factors for transformation to e-servicing but rather point out other factors such as people, politics and culture (Collesca, 2015), where transparency and accountability are the building blocks of trust (Lemieux, 2016).
The lack of information on hosting of e-services is worrying. It would be good to know that the service and its data are either hosted by the responsible institution or in the cloud under the required jurisdiction. Failure to provide this information could make the informed users reluctant to provide the data or use the e-service.
Lack of information regarding retention periods, storage, deletion and the long-term content availability policies came as a surprise in this research. It was expected that there would be more information publically available on these issues. However, we suppose that it is not the case of non-existence of such policies and procedures, but the non-awareness of the need to make them accessible to the users. It is our opinion that the availability of such documents could lead towards establishing more trust of the users in the e-services and the responsible institutions. Therefore, in our opinion this particular issue should be promoted more eagerly outside the archival community as well.
Information on the usage of the users' data only for the defined purposes should appear more often in the e-services' use policies in order to achieve better system operation transparency and enable trust in the responsible institutions. Also, the information whether the employees are required to sign the non-disclosure agreements or not could improve the overall feeling of trust. This would greatly improve the system operation transparency.
Long-term preservation of electronically signed records requires the preservation of digital certificates as well. Virtually no information on this issue was found. E-service providers should somehow assure users that they will be able to address this issue, or at least that they are aware of the problem, and that they are actively looking for the solution. One of the possible solutions suggested by the earlier InterPARES project research is to record the trace of the signatures as metadata.
The research presented in this paper tried to identify the weak spots of e-services and point them out in order for them to be improved, not only by the investigated e-services, but also by other eservices either already in place or being planned. One approach to ensure the necessary levels of transparency and trust is to provide as much information on the respective e-service as possible.
In that context, the questionnaire developed for the purpose of this analysis and transformed to a checklist (see Appendix) can be used by the users of e-services as guidance for establishing trust in an e-service they (intend to) use. If they are able to find (most of) the answers in the available online documentation they could make an informed decision. Of course, this would require a bit of technical knowledge, but the mere availability of information could be a positive sign even to an uninformed user. On the other hand, the developed checklist can be used as guidelines to the e-service providers. There they can find the systematized set of questions they should provide answers online if they want to become a trusted e-service provider.
This comparative study provides an insight into the state of development of the G2B e-services in the investigated countries but that it also reveals the areas of possible improvements in the context of establishing accountability and trust in governmental e-services in general. The identified gaps refer to the long-term service continuity plans, policies giving information on storage and preservation methods, long-term preservation of digitally signed records, use of clients' data etc. Ideally, the e-services should aim to be responsible, reliable, accurate, secure, transparent and trustworthy as well as to addresses privacy issues, duties to remember (i.e. digital preservation), and the right to be forgotten (i.e. safe deletion).
Disclaimer: There might have been information available online at the time of the research which escaped researchers for various, previously mentioned, reasons. However, the researchers conducted the research with due diligence and possible omissions were not intended.

20.
Has there been a decrease in time required to process users' applications (are there any indicators available)?

21.
How did the service affect the organisation of work processes in the responsible organization in terms of the required number of workers?

22.
What are the plans for upgrading and expanding the service in the future? 4. Technological solutions 23.
What type of authentication is used?

24.
Is the communication between the server and client station encrypted (SSL, some other protocol)?
25. Does the service use eID? If yes, which one (list all if more than one eID exists)? 26.
Does the electronic signature use digital certificates? 27.
If yes, which format of electronic signatures is used?

28.
In what way do the users fill in and send data (downloadable forms, send by e-mail, online etc.)? What type of application is used on the client side?

33.
Through which channel(s) is the service available (computer, mobile etc.)?

34.
Is the service hosted within the responsible institution?

35.
If the responsible institution is hosting the service, does it have the required certificates?

36.
If the service or any of its parts is hosted outside the responsible institution, does it use the Cloud?

37.
What is the retention period for the data in the system?

38.
Is the retention period defined by a law/regulation or some other act? If yes, which one?

39.
Are the data deleted after the retention period expires?

40.
What is the preferred long-term preservation format(s)?

41.
Does the service use a method of materialisation of data (conversion from digital to analogue format, e.g. printing, microfilming etc.)?

42.
Does the service comply with any of the long-term preservation standards? If yes, which one?

43.
Does the service offer use of an electronic archive as an additional service? Are there electronic document safe services?

44.
Are the data received through the service stored within the responsible institution's information system?

45.
Does the responsible institution possess the required certificates that guarantee security of the stored data? 46.
If the data are at least partially stored outside the responsible institution, e.g. in the Cloud, is the Cloud/Data centre located within the same country as the responsible institution? 6. System operation transparency 47.
Is there a defined service use policy?

48.
Are there any proclaimed technological measures guaranteeing the users that their data are only used for the defined purpose(s)?

49.
Are the employees required to sign a non-disclosure agreement?

50.
Can users access and view their data through the service?

51.
Can users correct or update any of their data within the service? If yes, can the request for correction be sent electronically? 52.
Can users monitor status of their application?