Category Archives: Government

Controlling speech

How does one control speech in the public forum without encroaching upon fundamental freedoms?

“On Social Media, a Battle Is Brewing Between Bots and Trolls,” The Wall Street Journal, August 11, 2018 B7. Blocking some speech and some speakers would be bad if the government did it.  But is it better if private companies do it, especially when they have pervasive power over the communications streams currently in use?

There’s battle brewing, indeed.  Are the Facebooks and Googles of the world mere utilities getting paid solely for carrying content from all comers, with no power (or financial interest?) over the content they carry, or are they publishers with some accountability?  If the technology tools they use to screen out the “bad” stuff (terrorists, for example) also screen out unpopular (to someone) speech, who pays damages?

If a company is quasi-governmental, shouldn’t it be subject to quasi-constitutional limitations?

This seems to me to be Governance, Compliance, and Information.


Leave a comment

Filed under Data quality, Governance, Communications, Controls, Third parties, Internal controls, Compliance, Access, Duty, Accuracy, Corporation, Government, Compliance (General)


A key element of either Compliance or Governance (or both) is penalizing violations.  Otherwise, the rule is on paper only, and isn’t real.

“U.S. Steps Up Grid Defense,” The Wall Street Journal, August 6, 2018 A1. Government devising new penalties for foreign (and domestic) agents who hack into critical infrastructure.

Sounds good.  But might we be better off with a few more ounces of prevention (education, technology controls, testing, etc.)?  The “internal” controls.  By the time you’re penalizing folks, you’ve been hacked.

Leave a comment

Filed under Access, Compliance (General), Controls, Duty, Governance, Government, Interconnections, Internal controls, IT, Security, Technology, Third parties

Protecting key information

“Hacker Allegedly Tried to Sell Drone Data,” The Wall Street Journal, July 12, 2018 A3.  Hacker tries to sell maintenance documents for a drone, documents stolen from a Air Force officer’s computer.

How well does the government protect sensitive information?  Apparently, the hack exploited the failure to properly configure a router.

What happened to the Air Force officer, who apparently failed to adequately protect classified information?  The IT guy who configured the router?

Leave a comment

Filed under Access, Compliance, Compliance (General), Controls, Duty, Duty of Care, Governance, Government, Information, Internal controls, IT, Policy, Protect assets, Security

Falsely shouting fire?

“FCC Proposes Revamp Of Online Documents,” The Wall Street Journal, July 12, 2018 A3.  Proposed revision to process for receiving public comments after fake comments filed in the net neutrality discussion.

How does the government restrict our ability to lie to the government where the payment of money or the issuance of a license is not at issue?  Is filing comments under someone else’s name not protected speech?  Or is it fraud?  Yes it’s false, but is it fraud, if all you’re trying to do is sway a regulator’s position?  Is this the same as falsely shouting fire in a crowded theater?

I’m not in favor of submitting comments under a false name or names.  But can the government protect this when people are attempting to petition their elected representatives?

I file this as a restriction on the ability of government to govern all behavior (therefore Governance) and under Information (does it matter that it’s fake?).  Maybe Compliance, seeing as the Constitution applies.

Leave a comment

Filed under Accuracy, Controls, Data quality, Definition, Duty, Governance, Government, Information, Third parties

Tapes and onions

Today, with surveillance cameras everywhere, it’s good to remember that everything you say may be recorded.  Even by someone you trust.  And those recordings turn up.

“Cohen Recorded Talk With Trump,” The Wall Street Journal, July 21, 2018 A1.  Trump’s then-personal lawyer recorded a conversation with then-private-citizen Trump about a story about a Playboy model.

Several different layers of onion involving this tape its creation, its collection by the FBI under a warrant, its production after a court-ordered review, its release to the press, and its impact.  And who owns it, at each stage of the process?  Did Trump know he was being taped?  Was this privileged?  Was the privilege waived?  How and by whom?

I just ask the questions.


Leave a comment

Filed under Access, Controls, Discovery, Duty, Government, Internal controls, Lawyers, Legal, Ownership, Privacy, Privilege, Third parties

Warnings v. Controls

People knew the shooter in Annapolis was a danger to the newspaper.  Employees were warned.  Police investigated his on-line comments, and determined he is not a threat.  Employees were told to call 911 if they saw him.

Five years later, he kills 5 people with a shotgun.

“Newspaper Warned About Shooter,” The Wall Street Journal, June 30, 2018 A3.

Maybe that’s why the police got there in under a minute.

Leave a comment

Filed under Controls, Corporation, Directors, Duty, Duty of Care, Governance, Government, Internal controls, Oversight, Third parties, To report

What you have, where you have it

A common starting point to information governance projects is to determine what information you have and where you have it.  Then you can start to manage it. But what happens if you don’t know what you have nor where you have it?

“Facebook Struggles to Find User Data,” The Wall Street Journal, June 28, 2018 B1. “The company can’t track where much of the [user] data went after it left the platform or figure out where is it now.”

A lot of the information is or was with app developers that are now out of business.  What happened to your/Facebook’s/their data?

Sure is easier to figure this out going forward than it is to figure out what happened between 2007 and 2015.  Especially if disclosure of some of that information is blocked by the government in far-off lands.  Or if the app developers don’t fancy having Facebook root through their servers and discovering their business secrets.  Or if Facebook doesn’t have a contractual right to get this information.

Sure would be easier if they’d had the proper controls in place at the time.

Leave a comment

Filed under Access, Controls, Corporation, Duty, Duty of Care, Governance, Government, Information, Internal controls, Oversight, Ownership, Ownership, Privacy, Protect assets, Security, Third parties, Vendors