icm2re logo. icm2:re (I Changed My Mind Reviewing Everything) is an 

ongoing web column edited and published by Brunella Longo

This column deals with some aspects of change management processes experienced almost in any industry impacted by the digital revolution: how to select, create, gather, manage, interpret, share data and information either because of internal and usually incremental scope - such learning, educational and re-engineering processes - or because of external forces, like mergers and acquisitions, restructuring goals, new regulations or disruptive technologies.

The title - I Changed My Mind Reviewing Everything - is a tribute to authors and scientists from different disciplinary fields that have illuminated my understanding of intentional change and decision making processes during the last thirty years, explaining how we think - or how we think about the way we think. The logo is a bit of a divertissement, from the latin divertere that means turn in separate ways.

Chronological Index | Subject Index

No bit for blame: the OxCheek and SmartAss story

About contractual terms and risks of algorithmic extortions

How to cite this article?
Longo, Brunella (2017). No bit for blame: the OxCheek and SmartAss story About contractual terms and risks of algorithmic extortions . icm2re [I Changed my Mind Reviewing Everything ISSN 2059-688X (Print)], 6.2 (February).

How to cite this article?
Longo, Brunella (2017). No bit for blame: the OxCheek and SmartAss story About contractual terms and risks of algorithmic extortions. icm2re [I Changed my Mind Reviewing Everything ISSN 2059-688X (Print)], 6.2 (February).
Full-text accessible at http://www.brunellalongo.co.uk/


London, 11 October 2017 - I would like to say this is a story about business re-engineering. But the term is so in disuse that can be misleading. In fact, it was furiously fashionable in the early 1990s, a looming and exciting age of automation and interconnection of functions, departments, processes and, of course, data all across the worlds of manufacturing and services.

We emerged from that full immersion with some clever and promising concepts - the matrix organisation, the learning organisation, the openness of the internet to commercial interests to name a few. I do not have any particular inclination to nostalgia for those years but for the optimism of the 1980s and the early 1990s: technologies of information and communications (ICT) and those who had the skills required to bring them into the offices, from R&D to administration and accounting, were seen with a very positive attitude by boards of directors and decision makers.

Long gone those days, there is now much more excitement because of the consumers’ role in democratisation and pervasiveness of the same ICT technologies but, sadly, it is easier for consultants and executives to talk about adverse targeting and failures acceleration than about design. Organisations are increasingly seen as boots needed to gallop from an idea to the next, from a unicorn to another one, and it is often more convenient to replace them than to keep them going and repair them - until they crash against the evidence there is no replacement available and they do have to stick with what they have to survive. Thousands of hight potential, creative and innovative firms do not find the magic of venture capitalists’ investments and do depend on the old fashioned skills of relationships with the right customers, marketing and sales.

Let’s say then this is a case of extreme automated inventory management, turned out to be the critical activity in a partnership between two companies, critical up to the point that it can cause them to fail very rapidly - and everything depends on how they manage the consequences of a pitiful mistake made in an algorithm. OxCheek is a very mature medium sized firm that provides human expertise in IT and project management through a national network of professionals. It is mostly active in training, event management and media productions but it retains also customers from the 1990s and early 2000s when they also offered websites developments. SmartAss is a startup, a sort of Uber for IT rentals that has reinvented this type of service providing not only IT equipment on demand but also a communications and administrative software platform useful for internal, customer services and marketing communications, and all the associated functions (logistics, the bookings system, the software needed to assure repairs, software upgrades, maintenance and stock rotation) in a compacted very effective dashboard.

OxCheek’s consultants agree jobs and take orders through a simple app, book IT and media equipment, deliver their services and return the equipment. It sounds quite simple, and in fact it is. The genius guys at SmartAss have managed to simplify and automate almost everything: their system takes the orders 24/7, they pack and deliver laptop computers, routers and other network devices, smartphones, cameras and other stuff needed as early as in 24 hours, they also manage to pick up everything, to ensure systematic maintenance and to provide accounting and invoicing services as well.

This is their story - I changed the names of the companies and omitted some peculiar aspects of their business circumstances in order to protect their privacy.

John, there is no money left

The contract between OxCheek and SmartAss took into account the fact the former was a mature business with an organisational structure exhausted and not sustainable anymore whilst the latter was a dynamic start-up much in demand of an sustaining investor or large customer.

SmartAss is not only a provider of IT rentals (laptops but also smartphones, and occasionally network devices such as routers). They have actually reinvented the IT rentals operational model all around a cloud based platform, new technologies such as virtualisation, sensors embedded in the machines, real time analytics and intense use of relationships management through social media, mobile computing and of course an app for Android and iOS.

Both companies felt that they could complement each other. Among other provisions meant to finance and support the partnership, the contract between OxCheek and SmartAss defined in 10% per annum the amount of interest due on late returns of any piece of item rented the collection of which should be rescheduled, most of the times at a very short or at no notice. This was due to “crazy” scheduling habits of many historical OxCheek customers so that it seemed useful to link charges for late returns to time-sheets and KPI, and make everybody aware of such costs in that introducing what was seen at first as a clever behavioural mechanism to promote more efficiency in personal project and time management.

SmartAss provided a web based interface so that everybody could have access to an easy to read dashboard with real time statistics and excellent data visualisation, helping predicting revenues and cash-flow in real time. The system was designed to calculate also the amount due for late returns.

The software specifications barely existed - just few pages of very high level description of the architecture and its security aspects - but at some point they mentioned a 10% due for “interests in late delivery and returns” and that was the source of the terms of reference passed to the legal department.

The OxCheek’s board was immediately happy with the new service: thanks to the partnership with the startup, they have almost got rid of the whole of their IT function. Laptops, cameras and other equipment were always up-to-date and used safely (whilst in the past the quality of the equipment had disappointed several customers), communications through the SmartAss app and web platform seemed in any way smooth and productive especially compared to the first generation extranet they had before.

Being everything so decentralised, agile, automated and fast it was with great surprise and disconcert that Claude, the OxCheek Chief Exec and Managing Director, learned something really wrong had happened possibly five or six months after they signed the contract and with the new IT architecture and system now in full swing and a major financial rollover in place. His attention was dragged towards some huge administrative inconsistencies: it looked like the SmartAss guys were waiting for massive payments that simply made no sense at all. Somebody had noticed the awkward issue of costs charged for late returns on a daily, weekly and monthly basis (whereas there was no problem with less than 24 hours delays). For instance, on a £800 monthly rental fee due for an item returned with 32 days delays, there was an outstanding invoice for £80 instead of just around £7.

OxCheek did want to keep on smoothly with the whole of the service but they needed to have this problem corrected as soon as possible because of the domino effect it could have on the whole of their administrative processes. They wanted the SmartAss team to work on a solution, both legally and technically, but minimising risks of disruptions within their teams of consultants and with their customers. Claude called John, SmartAss founder and Director, and found him deeply immersed in his virtualisation projects. John did not seem to get it at first. But he told me he fell from his fancy bar stool when Claude simply said to him “John, there is no money left for you”.

At this point they met up and then they decided to ask me some advice.

Defining change as a problem

We considered there was no explicit mention of a daily interest in the contract: this was the technical problem to be corrected as soon as possible. The next consequential step would be to fix the automatic calculations that should simply apply the correct daily interest for each day of delay plus a fixed amount for recovery costs - to cope with the inconvenience the error has caused in several other sub-routines.

SmartAss would at first preferred to proceed with an Agile approach, and modify the software straightaway because "obviously" in error, without caring about the contract's wording first. Claude, in turn, noted that only few undue overpayments had been made and any further one had already been halted.

So, in a certain sense, it seemed that by our kick off meeting they had already found a way to sort out everything. I was a bit confused and about to ask sarcastically “how can I help”?

OxCheek had entered a long term relationship with their young supplier so that they want to sponsor a review of SmartAss’s business plans and cash-flows as a matter of priority together with a review of OxCheek initial requirement. The two teams were pretty much convinced they had all the resources to manage the situation themselves and without any external support but they did not know what else they did not know about their partnership that could compromise their plans: at this stage in time, they thought it would be appropriate to verify the alignment between strategy and processes.

I said to myself “Never get an easy job, Brunella".

I turned to my professional communities and asked around what should be done.

On social media, I got only one reply from an american guy, Paul, working in finance who wrote me: “Maybe I'm being simplistic, but there's obviously a field entry used to calculate the late fee. Have the vendor/supplier change the entry to 0 for now. Concurrently, a discussion needs to take place regarding the omission of language in the contract regarding these fees. I'd also consider what else might be missing as well.”

I must say that whilst he did not say anything different from what others at SmartAss and from the DevSecOps community suggested, Paul’s few final words were illuminating. There was indeed something else missing I should prioritise.

OxCheek did not have a substitute supplier, and no intention to buy the startup. They did not want disruptions to the existing operations so... they could not ask SmartAss to just stop the check in / check out system "for now" and all the accounting system, the booking system and so on... how would they operate then? there was any alternative operational model.

OxCheek was a business re-organised and re-built on cloud / remote IT and through an operational partnership, the business had been reengineered as such from a previous traditional IT service: several hundreds of people were now connected nationwide to the supplier system and they were all depending on their smartphones’ apps to do their jobs. They needed and wanted to put forward a sustainable rapid and effective solution that would not put themselves and their young partner out of business...In that there was no quick fix, neither we started from the software side nor we started from the contract.

There were risks to be managed either ways, including the risk of not knowing they had entered an operational partnership without any proper and thorough testing or prototyping stage.

A warning for smart factories?

With such rumbling thoughts and chats in my mind, I turned to engineers and academics that are working these days on fascinating organisational and technological issues such as Industry 4.0 to see if anybody had already encountered a similar tricky situation, where a simple fix to an algorithmic vulnerability would have not sorted out the whole of the problem.

In fact, whatever solution would be adopted by Claude and John, both needed a certain degree of flexibility and ingenuity to review the terms of their partnership and improve the tools and the system so fundamental for their collaboration.

Industry 4.0 is a fascinating technological concept I am told was firstly presented at the Hannover Fair in Germany in 2011: the idea is that, eventually, all the big innovations we have seen in these late decades (Information and communication technologies, internet of things but also nanotechnologies and 3D printing) will eventually come together to determine a new form of factory called “smart factory”. That will operate precisely as OxCheek and SmartAss already do, in a totally virtualised environment.

With Industry 4.0 products will be substantially manufactured on demand, everything will be done almost in real time, suppliers and customers can interact and cooperate according to flexible processes that integrate industrial tasks (design the product, make it, test it) with business and services tasks (such as ordering, invoicing, taking a payment, delivering the product and tracking it), all sharing data through software platforms and communicating through a multitude of devices.

My round of chats on the theme was in some ways unsatisfactory. Costs savings, IT marketing and socio-political acceptance will presumably accelerate the development and adoption of the smart factory model but its organisational and support systems and services seem are being left terribly behind, conceptually and practically. What did they have to say about Claude and John’s problem? The pioneers’ fate?

Without structuring the change we want to bring into whatsoever organisation, it is almost inevitable that unknown risks creep in. It is also true that this has never been a deterrent for entrepreneurs or managers highly committed to innovation and new value propositions, and with almost no fear of failure because they do not have any alternative “plan B”.

The tension between these two sides of any innovative human endeavour is mirrored and perhaps even multiplied in cyber and digital businesses where they take the form of software artefacts or algorithms.

My vocational dream - that I trusted as good professional practice for large part of my career and I have been fortunate enough to put into practice in many projects - is still to embed good and creative design and specifications inside the product or service so that it carries on, in itself, everything needed to prevent risks of failure and misuses.

That may slightly increase the cost of design, of prototyping and production or development but assures quality and consistency over time, including consistency against the risks of those “unknown unknowns” that nobody can honestly predict at the beginning of any new venture.

The tough get going

As I stop ruminating about my learning, I went back to Claude and John and said all right, if that is what you want I am ready to meet your teams and deliver my tirades about a new way to work.

None of the typical attributes of a customer-supplier relationship showed any particular risk or problematic aspect in the OxCheek and SmartAss case: they had everything needed, including talent, good communication, well defined tasks, collaborative attitude and platforms, staff’ responsiveness and more.

Also the attitude towards the odd problem encountered was remarkably positive, in spite of the fact some consultants had been penalised with the domino effect of the late returns overcharges: nobody could say they knew exactly who was to blame for the error and both sides looked into it with a surprisingly cohesive team spirit, accepting they did not know how to manage the multiple interconnected and automatic aspects of it and needed some external support before going into any risk of disruption of their plans, because they did not have any contingency plan, there was no alternative way of doing things, no time left to re-think workflows to fix this issue across all the sub-systems and software pieces and ensure it will not come back in other unexpected ways.

After a couple of days of talks about the software specifications (nothing more than very fragmentary documents), I felt it was important to allow people to leverage on such team spirit and go further, understanding how the pitiful error could have happened - almost forensically.

It turned out there had been a period of several months between the first release of the system and the first formal internal communication about the problem during which nobody could say what actually happened! That, in itself, seemed appallingly wrong and inconsistent with the boosted dashboard of total real time transparency on all the business vital data.

We had to go through this forensic and curatorial “reverse engineering” approach to document and understand implicit terms of reference, groups and individuals responsibilities, and set the requirement for a technical and organisational review of the system that would ultimately make explicit (and an integral part of the contract between the two companies) the model used for bookings, for accounting, for invoicing and for the related fees and costs calculations.

We managed to redesign the system adding also a small but strategic human control that would give people the opportunity to review, to socialise and discuss their KPI and other personal achievements - not to stare at them, printing or ignoring them!

We left to the accountants and the lawyers of both sides the task of backdating the technical changes and applying them with fairness in a new contractual agreement, as we all wanted the partnership between the two companies to be trustworthy for a long time to come.

The motto of the fixing project was “no bit for blame”, that I invented rephrasing a popular campaign of my local community - “no place for hate”.


We not only managed to fix the crazy interest rate bug but re-tested the whole system in terms of cyber security resilience against risks of frauds and ransom-ware.

But after all, we built up the first layer of a common culture of “working together”, thanks and through automated operations. At the centre of the SmartAss system there was an aggressive and exceptionally efficient new way to automate inventory management and stock rotation but OxCheek’s people did not possibly need all that perfection.

I felt humbled and honoured to work with brilliant mathematical minds, that tend to think whatever iterative project and interaction in computational terms but also disconcerted to have to teach them how to exactly calculate how many minutes they are going to delay a task if they keep on chatting or if they go for another drink before office close - that mental calculus is a skill quite useful to cook perfect spaghetti al dente as well as to promptly spot algorithmic abnormalities!

I am sure that intervening on the “way of working” or on existing specifications with a corrective approach is going to be a huge area of change management demand in the next decade, and particularly in the Industry 4.0 area.

Experts have started looking into the abstract and yet essential distinctions about the role that algorithms play into private commercial negotiations and contractual agreements. We do not know yet what type of competences will succeed in preventing major breakdown due to superficial when not absent incorporation and translation of good requirements in terms and conditions and service level agreements.

Consequences of algorithms’ performance can spread widely and affect also employees rights, third parties, public goods and services. A very important distinction in terms of legal liabilities is the one between software programmes used as tools or employed as intelligent agents (that is now the “new normal” in financial markets dominated by computer trading as well as in the Bitcoin community).

A moment of collective learning was reached in 2010 when it was clear that “flash crashes” may suddenly happen anytime in any sector, as it happened when the Dow Jones Industrial Average dropped by 9% causing millions of dollars to be lost in few minutes. Nobody was able to understand what caused such crash, but to see there is an enormous gap of accountability and transparency that can lead to unrecoverable damages. These risks can become endemic in the digital economy well beyond the securities market and compromise operations up to hazards and disasters. At the same time, on a more positive note, again from the world of innovative finance, researchers have noted people increasingly trust what has been called “algorithmic authority” that turns often free from bias, errors of judgement, corruption and inequalities compared to human decision making. Until it fails dramatically.

Intellectual property rights and privacy laws shield algorithmic contracts in any sector not only from public scrutiny but also from a legitimate and fair demand for accountability on the side of customers, regulatory bodies, employees and contractors.

Not everybody in the corporate world is culturally and technically prepared as Claude and John to deal with the challenges of an extra-lean organisation in which the authority of algorithms takes over operations’ supervision and decision making, and can even lead to risks of extortions and litigations, with nobody knowing exactly what to do - because there is nothing wrong to be fixed in their own particular remit. The devil is not yet in a detail (the calculus error) but in the way the detail affects all the interconnected algorithms.

Claude - and in some disruptive ways also John! - have gone through the complexities of implementation of ERPs on a global scale in their career, they know pro and cons of having different functions and sub-systems integrated - or not. They saw in the interest rate error not only a software bug but also the danger of an organisational tsunami that could compromise their strategic partnership and cause huge losses on both sides.

Their story is such an unusual tale of successful human management that I though it must be told… before it is too late for others to copy it.