“Panel Votes to Release Probe Records,” The Wall Street Journal, September 29, 2018 A3. House committee votes to release some but not all of the transcripts of testimony given behind closed doors about possible Russian interference in the 2016 elections.
Interesting that, as an interviewee, you have no control over what investigators then do with what you said. You don’t “own” that. So, the government “governs” that information, and can ask that it be declassified; you can’t object. But the government can decline to make some of this public, as they did here (testimony of two members or Congress were not in the interviews to be released). Power is an interesting thing.
And, as the public, you have no “right” to that information unless Congress and various intelligence agencies agree.
Filed under Access, Communications, Controls, Duty, Governance, Government, Information, Internal controls, Oversight, Ownership, Third parties, To report
What happens when you have inadequate controls to prevent non-compliance with the law? You get publicly scolded by the regulator?
“Regulator Scolds Deutsche Bank on Money-Laundering Controls,” September 25, 2018 B11. German authorities also require the appointment of an independent monitor (KPMG). This monitor will join the other monitors appointed by various US authorities.
Is this enough? Certainly disruptive and expensive for the bank, but will it have lasting impact? Is the German government serious about compliance with these laws? Until a director or senior officer gets punished, will the controls really be effective?
“Report: Big Tech Needs Fixes,” The Wall Street Journal, September 25, 2018 B4. Report from Harvard concludes that Facebook, Google, Twitter, and Apple and similar tech giants “can’t be trusted to police themselves” and should be able to continue to swallow up smaller companies to get user data.
So, who governs the ungoverned? Themselves? Their shareholders? These companies have and continue to acquire and control vast swaths of information belonging to others.
Do we care?
How does one control speech in the public forum without encroaching upon fundamental freedoms?
“On Social Media, a Battle Is Brewing Between Bots and Trolls,” The Wall Street Journal, August 11, 2018 B7. Blocking some speech and some speakers would be bad if the government did it. But is it better if private companies do it, especially when they have pervasive power over the communications streams currently in use?
There’s battle brewing, indeed. Are the Facebooks and Googles of the world mere utilities getting paid solely for carrying content from all comers, with no power (or financial interest?) over the content they carry, or are they publishers with some accountability? If the technology tools they use to screen out the “bad” stuff (terrorists, for example) also screen out unpopular (to someone) speech, who pays damages?
If a company is quasi-governmental, shouldn’t it be subject to quasi-constitutional limitations?
This seems to me to be Governance, Compliance, and Information.
Filed under Access, Accuracy, Communications, Compliance, Compliance (General), Controls, Corporation, Data quality, Duty, Governance, Government, Internal controls, Third parties
A key element of either Compliance or Governance (or both) is penalizing violations. Otherwise, the rule is on paper only, and isn’t real.
“U.S. Steps Up Grid Defense,” The Wall Street Journal, August 6, 2018 A1. Government devising new penalties for foreign (and domestic) agents who hack into critical infrastructure.
Sounds good. But might we be better off with a few more ounces of prevention (education, technology controls, testing, etc.)? The “internal” controls. By the time you’re penalizing folks, you’ve been hacked.
Filed under Access, Compliance (General), Controls, Duty, Governance, Government, Interconnections, Internal controls, IT, Security, Technology, Third parties
“Hacker Allegedly Tried to Sell Drone Data,” The Wall Street Journal, July 12, 2018 A3. Hacker tries to sell maintenance documents for a drone, documents stolen from a Air Force officer’s computer.
How well does the government protect sensitive information? Apparently, the hack exploited the failure to properly configure a router.
What happened to the Air Force officer, who apparently failed to adequately protect classified information? The IT guy who configured the router?
Filed under Access, Compliance, Compliance (General), Controls, Duty, Duty of Care, Governance, Government, Information, Internal controls, IT, Policy, Protect assets, Security
“FCC Proposes Revamp Of Online Documents,” The Wall Street Journal, July 12, 2018 A3. Proposed revision to process for receiving public comments after fake comments filed in the net neutrality discussion.
How does the government restrict our ability to lie to the government where the payment of money or the issuance of a license is not at issue? Is filing comments under someone else’s name not protected speech? Or is it fraud? Yes it’s false, but is it fraud, if all you’re trying to do is sway a regulator’s position? Is this the same as falsely shouting fire in a crowded theater?
I’m not in favor of submitting comments under a false name or names. But can the government protect this when people are attempting to petition their elected representatives?
I file this as a restriction on the ability of government to govern all behavior (therefore Governance) and under Information (does it matter that it’s fake?). Maybe Compliance, seeing as the Constitution applies.