“HIV Status of More Than 14,000 People Leaked in Singapore Data Breach,” The Wall Street Journal, January 29, 2019. The partner of a doctor with access to the records released the information after he was deported.
How do you keep your employees from leaking sensitive data to their partners? How do you prevent those partners from disclosing that information?
Principally a Compliance and an Information point, although one could argue there’s some Governance.
“Two Groups Account for $1 Billion in Cryptocurrency Hacks, New Report Says,” The Wall Street Journal, January 29, 2019. The suspected hackers are still active, and there are many others as well.
Willie Sutton, when asked why he robbed banks, reportedly said (but personally denied saying, but why believe him?), “Because that’s where the money is.”
Cryptocurrencies, like bitcoin, are Information, in a sense, with a monetary value. Protection of such currency in place, in a digital world, is Governance (you have a fiduciary duty to protect the assets entrusted to your care), and Compliance (with law and with company policy). So, security is a bit Governance and a bit Compliance.
“Nevada: Wynn Resorts Executives Ignored Sexual Misconduct Claims Against Steve Wynn,” The Wall Street Journal, January 29, 2019. Executives allegedly aware of sexual misconduct claims against the boss have all since left the company.
What does it say about Governance (culture) and Compliance (law and policy, enforcement) when the boss pays million-dollar settlements, and the company agrees to pay a fine, but the executives charged with protecting the employees and the shareholders all just quietly leave? How much of the damages caused do those executives pay, versus how much do the remaining shareholders pay?
The executives include 3 general counsels, one president, one president and COO, a vice president, and an HR director.
It’s lonely at the top, I guess.
“U.S. Authorities Unveil Sweeping Set of Charges Against China’s Huawei,” The Wall Street Journal, January 29, 2019. “Federal prosecutors accused Huawei of violating U.S. sanctions on Iran and of stealing trade secrets from a U.S. business partner, portraying the company as a serial violator of U.S. laws and global business practices.”
Perhaps (!) linked to upcoming trade talks, this is still a strong Governance, Compliance, and Information piece. Compliance issues on both non-information items (sanctions) and information items (theft of trade secrets), and even the sanctions piece has an information element, as the company is accused of lying to banks about its Iran business.
Politics seems to be an element of both Governance and Compliance (enforcement) here. Is it always? While one may be less troubled by a sniff of politics in Governance, doesn’t politics taint Compliance?
“Colleges Mine Data on Their Applicants,” The Wall Street Journal, January 28, 2019. In deciding who to admit, colleges track when you first came to their website, and consider how long you take to respond to their emails and whether you follow links they give you.
Tracking is the next new thing, or the last old thing. Somebody can see a lot of what you did and when, and use that for their own purposes. While this seems okay on the normal consumer context, does it seem unseemly in a college application? Or is this just harnessing the available information and applying it with diligence?
Hopefully, the colleges don’t share this with each other. They wouldn’t do that, would they? They’re competitors, sort of. Although a software provider sells to hundreds of schools.
But do students know they are being tracked? Is any of this private, or is it all factual information about metrics around a relationship between a person and the college?
So, Information, certainly. Not Compliance, because there doesn’t see to be a law against it. Governance? Does it go to an ethical issue that a school is doing this without disclosing it to their applicants? Is it different that it’s done with technology rather than an admissions officer’s feeling about the depth of an applicant’s interest?
“Google, Amazon Seek Foothold in Electricity as Home Automation Grows,” The Wall Street Journal, January 28, 2019. “… [T]hey are seeking ways to expand their smart speakers, internet-connected thermostats and other devices to harness information on consumers’ personal energy use. That data holds great power; it can be used to manage energy demand by incentivizing consumers to use less electricity during peak hours.”
And they will never use that data (whose data is it?) against us. At least until they can find a way to sell or rent it back to us (or to an advertiser who wants to install energy-efficient storm windows) or maybe to the government, to find out who’s using more than their fair share. Or whatever.
Clearly this involves Information, and who owns it and who can profit from its use. Is there an aspect of Governance, in the sense of what rules exist to limit the use and abuse of the this data? Would European-style privacy laws restrict this “harnessing” by two fledgling monopolists, who might otherwise extend their reach too far?
Google says, “If we can make, collectively, a lot of small changes across a large number of people, that has a large benefit to power providers, the grid, the environment and the consumer.” And maybe Google might get a few bucks out of it, too.
“WPP Asked Ex-CEO Martin Sorrell to Repay Expenses,” The Wall Street Journal, January 26, 2019. Company tries to recoup some expenses claimed by its former CEO.
Who monitors your expenses, and how closely? If the expenses are considered excessive, do you just repay those, or do you get fired? Does a CEO have a higher duty on this than a mere worker bee? And is there a distinction of claiming $5 for a $4 taxi fare, versus claiming the cost of a prostitute? Are there some claims that are just unreasonable?
Expense reports are records, and Information. The rules for claiming them are covered by company policy and procedures, and monitoring compliance with those rules are part of Governance and Compliance. How tight are those rules? And how tightly are they monitored and enforced? What does it say about the culture of the company if there can be a legitimate dispute about whether your kid’s ski trip is an allowable business expense?
“PG&E Shares Jump After California Clears Company in 2017 Blaze,” The Wall Street Journal, January 25, 2019. Someone else found responsible for earlier fires.
Looking at the linkage between the market’s perception of a company and its stock price. Is that Information, of a type, at work? Even though the jury is still out on the cause of the most recent fires.
PG&E is not, in my estimation, the poster child of either Compliance or Governance. But that’s a separate point.
“China’s Internet Watchdog Closes Hundreds of Websites, Criticizes Tencent App,” The Wall Street Journal, January 24, 2019. China removes harmful, lewd, and vulgar information from the web, just weeks before Chinese New Year
Interesting interplay of Governance (who’s in charge?) and Compliance, all with Information in the background.
The US couldn’t do this (could they?), at least on this scale for this type of content. Europe exercises similar control, with the right to be forgotten. What implications does this have for the world-wide web?
“Amazon’s Pitch to Woo Shippers: Fewer Fees Than FedEx, UPS,” The Wall Street Journal, January 24, 2019. Amazon wants to replace other shippers.
While this is only tangentially related to Information or Governance, this is still of interest. What does it say when a behemoth in the marketplace seeks to extend its position? Does that raise Compliance issues, perhaps from an antitrust perspective? Especially when the word “poach” was used in the lead-in from the front page?
But, clearly, Amazon is using information about who makes the products that Amazon sells, and introducing a different value proposition to them. Is that just smart business?