Category Archives: Access

Email

“Yahoo, Bucking Industry, Scans Emails for Data to Sell,” The Wall Street Journal, August 29, 2018 A1.  Unlike its competition, Verizon scans your Yahoo and AOL emails and shares the data with advertisers trying to sell you stuff.

This blog focuses in part on Compliance with law and company policy and procedures.  Does one need to comply with the practices of others in the industry, even where that is not required?  Do “market forces” act as part of the Governance structure?

We already know that Yahoo feels it owns the data you exchange over their platform.  But telling others what sites you’ve visited is a bit different than telling them what you may have been mentioned in your email.

Advertisements

Leave a comment

Filed under Access, Compliance, Compliance (General), Controls, Governance, Information, Ownership, Ownership, Privacy

Ownership

Appliances we use often capture data about how we use them.  Who owns that data, where is it stored, and what is it used for (and by whom)?

“What Your Car Knows About You,” The Wall Street Journal, August 18, 2018 B4. Large of amounts of data being collected from on-board devices, and used by car makers and others.

Will this lead to more targeted advertising?  May be worth $750 billion by 2030.  How much of that will the car owners get?

Sure, currently you have to opt in to this service.  You will read (and understand) the terms and conditions, won’t you?  And this will all be stored securely, with your privacy protected, won’t it?  Not that anyone could use your location or your driving habits against you.

Leave a comment

Filed under Access, Accuracy, Analytics, Controls, Information, Ownership, Privacy, Security, Technology, Value

Controlling speech

How does one control speech in the public forum without encroaching upon fundamental freedoms?

“On Social Media, a Battle Is Brewing Between Bots and Trolls,” The Wall Street Journal, August 11, 2018 B7. Blocking some speech and some speakers would be bad if the government did it.  But is it better if private companies do it, especially when they have pervasive power over the communications streams currently in use?

There’s battle brewing, indeed.  Are the Facebooks and Googles of the world mere utilities getting paid solely for carrying content from all comers, with no power (or financial interest?) over the content they carry, or are they publishers with some accountability?  If the technology tools they use to screen out the “bad” stuff (terrorists, for example) also screen out unpopular (to someone) speech, who pays damages?

If a company is quasi-governmental, shouldn’t it be subject to quasi-constitutional limitations?

This seems to me to be Governance, Compliance, and Information.

Leave a comment

Filed under Access, Accuracy, Communications, Compliance, Compliance (General), Controls, Corporation, Data quality, Duty, Governance, Government, Internal controls, Third parties

It’s not what you don’t say

“Hiring Hazard: Social Media,” The Wall Street Journal, August 6, 2018 B1.  What happens when you hire (or don’t hire) someone with a “history” of social media postings, some of which may now (or then, or both) be viewed as objectionable?

An editorial writer for a major newspaper is found to have written some racist comments.  A director gets booted from Disney for old tweets. Major league ball players get shamed.

Do the Europeans have it right?  Do you have a right to be forgotten?  Or are you stuck with what you said or wrote years ago, provided that it is preserved electronically?  You did say it, in preservable format.

Is this Governance (or self-governance)?  O the nature of Information?  Or Compliance with ever-evolving social mores?

Leave a comment

Filed under Access, Accuracy, Communications, Duty, Duty of Care, Governance, Ownership, Privacy

Value

The value of information can be calculated in multiple ways, from multiple viewpoints.

“My Boss Makes What? (Employees Work Harder If They Know),” The Wall Street Journal, August 6, 2018 R1. Salary transparency makes people work harder.

Is what you make “private”?  Should it be?  Whose interests are served by keeping this information private?  Who owns it, you or your employer?  Do anyone have a duty to keep this private?  Why would your employer want this kept quiet?  To avoid Sally complaining that she works harder/better/faster/quieter than Sue, and should be paid more? Or to keep a competitor enticing Sally away?

Ask yourself why you want to keep your salary private.  Sure, you don’t want marketing agencies targeting you because you’re wealthy, but they probably can approximate your salary anyway.

Leave a comment

Filed under Access, Accuracy, Communications, Controls, Corporation, Culture, Duty, Employees, Governance, Information, Internal controls, Managers, Ownership, Privacy, Third parties, Value

Penalties

A key element of either Compliance or Governance (or both) is penalizing violations.  Otherwise, the rule is on paper only, and isn’t real.

“U.S. Steps Up Grid Defense,” The Wall Street Journal, August 6, 2018 A1. Government devising new penalties for foreign (and domestic) agents who hack into critical infrastructure.

Sounds good.  But might we be better off with a few more ounces of prevention (education, technology controls, testing, etc.)?  The “internal” controls.  By the time you’re penalizing folks, you’ve been hacked.

Leave a comment

Filed under Access, Compliance (General), Controls, Duty, Governance, Government, Interconnections, Internal controls, IT, Security, Technology, Third parties

Gee, what could go wrong?

“Facebook Asks Banks for Customer Data,” The Wall Street Journal, August 7, 2018 A1. “[T]o offer new services to users,” Facebook asks banks for “detailed financial information about their customers.”

I can see what’s in it for Facebook, and maybe for the banks.  But isn’t this your information?  Shouldn’t you have some control what the banks do with it?  Are you comfortable with the controls the banks and Facebook will place on this information?  It might be convenient for you, but at what risk?

Do we remember Cambridge Analytica?  Will Facebook try to do this in Europe?

To whom do you complain?  Your elected representative?  Your bank?  The state or federal regulators?

Leave a comment

Filed under Access, Controls, Corporation, Duty, Duty of Care, Governance, Information, Internal controls, Investor relations, IT, Oversight, Ownership, Privacy, Protect assets, Security, Third parties, Uncategorized, Who is in charge?