“Facebook Details Data Sharing,” The Wall Street Journal, July 2, 2018 A1. Facebook “expands” its answer to the question, “Who else saw our data?” Apparently, a lot more people than Facebook said originally. A bunch of special deals and exemptions from Facebook’s “policy.”
So, apparently Facebook does not have a personal relationship with the truth, but they sure have your information.
One expects further revelations in the months ahead.
- Lying is not an effective communications strategy
- When you’re being investigated, either tell the truth or say “I don’t know.”
- The only person who can grant an exception to a policy is the person who issued the policy (or their superior)
- Strictly enforce your company policies, or they won’t help much
- Treat my data with as much care as you treat your data
Filed under Accuracy, Communications, Compliance, Controls, Corporation, Culture, Duty, Governance, Internal controls, Investor relations, Oversight, Policy, Privacy, To report
The suspect makes his fingerprints unreadable, and doesn’t have a wallet or other ID. Who is he?
“Controversial Facial System Identifies Suspect,” The Wall Street Journal, June 30, 2019 A3. Facial recognition used to identify the shooter at the Capital Gazette in Annapolis, where five died. A picture was run through the drivers license data base, and up popped his license photo.
Biometrics as information? Role of technology in information governance?
“CFPB Decides Not to Fine Citi on Overcharges,” The Wall Street Journal, June 30, 2018 B12. Company failed to lower credit card interest rates for some customers when it should have. It will refund the overcharges and fix its practices, but won’t pay a fine.
Citi self-reported, and proposed full restitution.
Would this have happened under the prior Director at the CFPB? Or would the offense have led to a large fine as well? To what purpose?
Filed under Accuracy, Communications, Compliance, Compliance (General), Controls, Corporation, Duty, Duty of Care, Governance, Internal controls, Oversight, To report
A simple compliance case. An employee shares confidential information with a few friends and they trade stocks based on that information. The employee (now suspended) and the two friends were arrested on criminal insider trading charges. The employer is cooperating with the SEC’s investigation. Civil charges pending, too.
“Analyst Arrested On Insider Charges,” The Wall Street Journal, June 27, 2018 B12. S&P Global Ratings employee allegedly disclosed information about acquisition of Valspar by Sherwin-Williams.
What separates this from the other run of the mill insider trading cases is the fact that the employee apparently denied knowing his two life-long friends.
Lying to the Feds is not a good strategy.
Vendors with whom you deal can (and do) capture lots of information about you. They use that information. Hopefully to improve customer service. Can they disclose what they know to others? What if your traveling companions don’t know it’s your birthday because you don’t want them to know?
“What the Airline Knows About The Guy in Seat 12A,” The Wall Street Journal, June 20, 2018 A11. What information on you do airlines collect and how do they use it?
If the information is correct and used positively, that’s one thing. What if it’s wrong, or used negatively? What if it leaks? What if it’s sold?
Filed under Access, Accuracy, Collect, Controls, Corporation, Duty, Duty of Care, Governance, Information, Management, Oversight, Ownership, Privacy, Protect, Use
“McKinsey Held Back Chapter 11 Positions,” The Wall Street Journal, June 20, 2018 B1. Consultant advises in bankruptcy proceedings while holding undisclosed interests in the outcomes.
Did McKinsey not know that they had these investments? Did they not have a process for checking for conflicts? Or did they not care? Did the lawyers not ask when employing an agent? Was there no policy, at McKinsey or the court or the attorneys, about conflicts?
Maybe they need an outside consultant to review their processes. Lots of really cool slides.
Filed under Access, Accuracy, Compliance, Compliance (General), Controls, Corporation, Definition, Duty, Duty of Care, Governance, Information, Internal controls, Lawyers, Oversight, Third parties, To report
“Sophisticated Email Scam Hits Businesses,” The Wall Street Journal, June 12, 2018 A4. Spoofing emails used to get companies to pay fake invoices. $685million is claims in Q1 2018.
An attorney mistakenly wired $250K to the wrong account. Oops.
You have processes in place to prevent this, right? Is that information governance or just good business practice?
Filed under Accuracy, Controls, Corporation, Data quality, Directors, Duty, Duty of Care, Governance, Internal controls, IT, Oversight, Policy, Protect assets, Security