“When ‘Free Trading’ Isn’t Really Free,” The Wall Street Journal, November 10, 2018 B5. You can avoid commissions when trading stock by using an app. But if the price you pay or get paid for the stock is more or less, is the trade really free? It depends on how much price improvement is involved.
Interesting study of how the benefits and cost savings on high frequency trading are divided among the various parties. And who knows what.
Isn’t this type of “information imbalance” inherent in every transaction? Do we know how much a tomato or an iPad costs the store that sells it? Or whether the salesperson gets a commission? How do we manage that imbalance? Or do we just accept it, whatever it means?
“Wall Street Analysts Are Selling More Data,” The Wall Street Journal, November 8, 2018 B11. Analysts are searching and make available a bunch of information on your information, including “social media sentiment … and geospatial mapping.” Think of it as expanded research reports.
Well, they are in the business of reviewing data and offering opinions (for a price). Is it much of a disintermediation for them to start selling the information directly? I guess there’s money in it. Or service.
Filed under Access, Analytics, Collect, Controls, Corporation, Duty, Information, IT, Management, Operations, Ownership, Security, Third parties, Use, Use, Value
I’m a bit of a knowledge management wonk, having been involved in the then-nascent KM movement within the inhouse legal community in the early 2000s. But there can be too much sharing.
“Sinclair Settles With U.S. on Ad-Sales Data,” The Wall Street Journal, November 8, 2018 B2. A media group settles lawsuit over alleged sharing of information among television station owners, that may have led to higher advertising rates.
An interesting side note is that this all came to light when Sinclair proposed to buy another company and had to undergo a government investigation.
Are there restrictions on how much information can be shared between and among competitors? Yes. They are call “antitrust laws.” And is there a risk of making a deal that subjects you to government scrutiny? Yes. The may discover all manner of minor and major sins.
Filed under Access, Communications, Compliance, Compliance (General), Controls, Corporation, Discovery, Duty, Governance, Information, Internal controls, Knowledge Management, Oversight
How do you protect information in the event of an Event? Is this part of your business continuity plan? You do have a business continuity plan, right? Do you have a process to safeguard information you will need to resume operation?
“Second Black Box Eludes Search Teams,” The Wall Street Journal, November 3, 2018 A6. Divers are still searching for the cockpit voice recorder following the crash of Lion Air flight 610 in Indonesia.
Planes carry two “black boxes,” one a flight data recorder (which captures a lot of equipment operating data) and the other a cockpit voice recorder (which captures conversation in the cockpit). The information on these two boxes (which are actually neon orange) is used to determine the cause of a crash.
What information does your company generate that you would need to run your business following an “Event,” such as a computer crash or a hurricane, or whatever? Is that part of your normal operating policies and procedures? If you can’t get to that information, can you restart or run your business?
Is this an Information point (protecting information) , or a Governance point (having processes and procedures to protect mission-critical information), or a Compliance with policies and procedures?
Filed under Access, Business Case, Collection, Controls, Corporation, Duty, Governance, Information, Internal controls, Oversight, Protect, Protect assets, Risk, Use, Value
“Alternative Data Is Valued on Wall Street,”The Wall Street Journal, November 2, 2018 B1. Companies mine different types of available information to help traders.
Is information is worth so much, won’t someone start a business to provide it? Apparently. What should you be monitoring to understand how your customers make their purchasing decisions, or what your competitors are doing?
Drones looking at parking lots and where are the iPhones coming from and going to and how many construction permits were issued? What’s your metric? How do you measure it?
“U.S. Charges Agents Of China Hacked Aviation Firms,” The Wall Street Journal, November 1, 2018 B4. Agents of the Chinese government indicted for trying to steal airline industry technology.
This is getting to be rather routine. One part of this is the value of Information, and the importance of information security. One part of this is Compliance, of course, as the US government is trying to protect the US information assets (although the company at issue probably had some responsibility for this as well, as well as their board of directors). And, of course, Governance, as the US government is prosecuting.
We all know the business case for cyber-security.
Filed under Access, Compliance, Compliance (General), Controls, Corporation, Duty, Duty of Care, Governance, Government, Information, Interconnections, Internal controls, IT, Oversight, Protect assets, Security, Third parties
What happens when you have to disclose your secret sauce?
“13 Secret Steps for Harvard Admission — They May Not Help,” The Wall Street Journal, October 29, 2018 A1. Analysis of admissions data shows what affects (helps, hurts) your chances of admission.
If you were Harvard, would you want to keep this secret, to prevent people from gaming the system? If you were an applicant, wouldn’t you want to know?
Certainly, this is Information, but to what is it relevant? Can you use it effectively, or is it just interesting? What’s it worth to you?
From a Governance perspective, did Harvard have sufficient controls in place to prevent both the violation of law and the appearance thereof? We’ll see.
This blog explores, from time to time, the outer reaches of the intersection(s) of Information, Governance, and Compliance.
Consider, for a moment, a fingerprint. Not what you normally consider “information.” And one seldom thinks of “managing” a fingerprint. Who owns your fingerprint? But consider the value of a fingerprint, and both the failure to “manage” or control where that fingerprint can be found and the ability to find that fingerprint and locate its owner. How much information governance is involved in this process?
“Fingerprint Leads to Arrest Of Bomb Suspect in Florida,” The Wall Street Journal, October 27, 2018 A1. Alleged mail bomber’s fingerprint in a package sent to a legislator leads to arrest of suspect.
Which leads me to the question,”What is there that isn’t information that is managed or controlled in our lives, or a least directly related to information that is managed?” I struggle to find an example of something that isn’t information, or directly related (perhaps somewhat remotely) to information that is managed or controlled.
Filed under Access, Accuracy, Analytics, Collect, Compliance, Controls, Data quality, Definition, Duty of Care, Governance, Information, Management, Oversight, Ownership, Records Management, Risk assessment, Use, Value
“Facebook Draws U.K. Fine Over Sharing Data,” The Wall Street Journal, October 26, 2018 B4. Facebook fined half a million Pounds ($645,000) for allowing Cambridge Analytica for letting them see and use user data. This is separate and apart from any fines the EU may impose.
Part of the problem is that Facebook didn’t do enough (i.e., anything) after it found out about Cambridge Analytica having accessed the data.
So, some points to consider:
- Whose information was it?
- Whose (and how many) rules (EU, UK, US, other) apply to (i.e., govern) a data breach?
- Why didn’t FB do anything after learning of the problem? Did it not have a process for handling a vendor that accessed data inappropriately? Doesn’t Governance require you to have such a process? Does Compliance entail requiring your vendors to follow a process, and penalizing them when they don’t?
- The fine here won’t go to the UK residents whose privacy was invaded. Is this a fine or a tax? It certainly isn’t damages.
Filed under Access, Compliance, Compliance (General), Controls, Corporation, Duty, Duty of Care, Governance, Internal controls, IT, Oversight, Privacy, Protect assets, Security, Third parties, Vendors
“SEC Keeps Study On Speed-Bump Trading Under Wraps,” The Wall Street Journal, October 25, 2018 B11. SEC has done a study of controls that slow down high-frequency traders, but hasn’t released that publicly.
The SEC is in charge of protecting the stock trading system. As such, it watches over how quickly information moves within that ecosystem, and whether access is available to all at the same time. But the SEC refuses to release the unredacted text of a study that it did on the impact on “controls” that limit the ability of high-speed traders to take unfair advantage of their access to information.
Curious as to why (and what) the government doesn’t want us to know. Who oversees the government? (Hint: a free press is one of them).
Filed under Access, Accuracy, Controls, Data quality, Duty, Governance, Government, Information, Interconnections, IT, Oversight, Technology, Third parties, To report, Value