I was otherwise engaged in December, what with the holidays and travel and our first grandchild, born in Hong Kong, and haven’t been posting. Here’s the month in review, in chronological order, in multiple parts:
- How to monetize your information
“Paywall for HuffPost? Verizon Hunt for Web Revenue Goes Beyond Ads,” The Wall Street Journal, December 3, 2018. Do you let people see content (plus ads) for “free,” or do you charge for access? Which one places the “correct” value on the information you are providing? What if you did both?
- Who’s in charge?
“Disney Raises the Bar Robert Iger Has to Clear to Win Bonus,” The Wall Street Journal, December 4, 2018. Shareholders push back on bonus compensation plan, demonstrating an unusual level of control (i.e., Governance) over their investment. See also, “Shell to Link Carbon Emissions Targets to Executive Pay,” The Wall Street Journal, December 4, 2018.
- How much is your view worth?
“Who’s Reading That News Story? Startup Will Help Marketers Find Out,” The Wall Street Journal, December 4, 2018. Linking the desire of publishers and advertisers to monitor what news stories you look at and for how long, a start-up fills the gap. The answer to the question,”Whose data is that?” is taking on multiple dimensions.
- It takes a village to prevent someone from getting top-secret information
“China Maneuvers to Snag Top-Secret Boeing Satellite Technology,” The Wall Street Journal, December 5, 2018. Boeing seemed unconcerned when a customer for one of its satellites told Boeing that the customer was being financed by Chinese interests, to whom sale of the top-secret technology involved was restricted. But after an alleged payment default, Boeing cancels order. “Boeing Backs Out of Global IP Satellite Order Financed by China, The Wall Street Journal, December 7, 2018. Did the press coverage have an impact?
- Law firms leak, too
“U.S. Prosecutors Charge Four People in Panama Papers Probe,” The Wall Street Journal, December 5, 2018. Action follow leak of law firm documents showing how wealthy people hid money from tax.
- Who owns (or controls) the Cloud?
“China’s Alibaba Takes On Amazon in European Cloud,” The Wall Street Journal, December 5, 2018. Chinese Cloud company challenges Amazon for control of the Cloud in Europe. Which (the US or China) will better protect the privacy of the users?
- Does your information governance program cover the content of the training provided to your customers?
“Boeing Omitted Safety-System Details, Minimized Training for Crashed Lion Air 737 Model,” The Wall Street Journal, December 6, 2018. Questions arise after 189 people killed in a crash and the crews hadn’t been trained on the new flight-control system.
- Facebook tried to monetize “your” data? Gadzooks!
“Facebook’s Zuckerberg at Center of Emails Released by U.K. Parliament,” The Wall Street Journal, December 6, 2018. Newly released emails show that Facebook apparently considered charging app developers for accessing “your” data held by Facebook, and suggest Facebook discounted the chance of developers sharing that data with others.
- Not “just-in-time” discipline
“Wells Fargo Firing Dozens of Regional Managers in Retail-Bank Cleanup,” The Wall Street Journal, December 6, 2018. More than two years after the account-cramming scandal, Wells Fargo starts to fire some regional managers for failure of oversight responsibilities. Sort of like punishing your full-grown dog for an accident she had as a puppy. And what about the executives who were overseeing those fired managers?
- Biometrics is/are information, too
“Microsoft Pushes Urgency of Regulating Facial-Recognition Technology,” The Wall Street Journal, December 7, 2018. Lack of worldwide restrictions on surveillance without a warrant leads Microsoft to urge restrictions on the technology. Is privacy when in public a basic human right?
- It’s not the crime, it’s the coverup?
“U.S. Alleges Huawei CFO Hid Ties to Telecom With Iran Business,” The Wall Street Journal, December 8, 2018. Did the CFO lie to hide from banks connections Huawei had with company that did business with Iran? What is the impact to the current state of trade relations with China?
Filed under Accuracy, Board, Compliance, Compliance, Compliance (General), Compliance Verification, Controls, Corporation, Definition, Directors, Duty, Governance, Information, Internal controls, Managers, Oversight, Oversight, Ownership, Privacy, Protect assets, Protect information assets, Technology, Third parties, To report, Value, Vendors, Who is in charge?
Who governs access to the White House? The Executive or the Judiciary?
“Judge Grants CNN’s Press-Pass Motion,” The Wall Street Journal, November 17, 2018 A3. Reporter’s due process rights “appear to have been violated” when his access to the White House itself is restricted.
Who controls access to your building? To your floor? To your office? To your desk? To your computer? To your company’s information?
How do they do it?
In the absence of a written rule, who governs what behavior is permitted in a press briefing within the White House? The White House? The “press corps”? The courts? The Secret Service?
“Former Goldman Bankers Charged,” The Wall Street Journal, November 2, 2018 A1. “Two senior … bankers allegedly paid bribes and stole and laundered money … [in] one of the biggest financial frauds in history.”
What does it say when two of your 435 partners and one of your managing directors commits a fraud? Failures in systems/controls? Bad culture? Do you have a “cowboy atmosphere” in Asia? Poor training? Are these rogue employees? What’s the impact on your reputation? What was the tone at the top?
This is primarily a Governance point. How will the new CEO handle?
Filed under Compliance, Compliance (General), Controls, Corporation, Culture, Directors, Duty, Duty of Care, Employees, Governance, Oversight, Policy, Supervision, Who is in charge?
“U.K. Plans to Introduce Digital Tax on Tech Firms,” The Wall Street Journal, October 30, 2018 A9. Rather than further regulating firms like Google and Facebook, the UK now tried to tax their locally generate revenue.
The lack of a universal taxing methodology may cause the big players some headaches. Compare the patchwork of privacy obligations if you operate in different countries (or states).
Look at this from two different views. First, how does a large multi-national comply with all the different laws around the world? Second, how does your company deal with the overlapping laws and your own corporate policies and procedures, which may apply differently to different parts of your company?
While one-size-fits-all makes sense at one level (if you’re on top of the Governance pyramid), does this process require a bit more granular differentiation (if you are on the bottom)?
“Irish Vote to Remove Law on Blasphemy,” The Wall Street Journal, October 29, 2018 A10. Although no one has been convicted of violating the law in 80 years, stage is set to repeal law making it a crime to say something offensive to religious sensibilities.
Looking at this from a Governance perspective, can you have an effective control that is not sufficiently clear as to when someone has violated it? Do your policies and procedures set up controls that are sufficiently clear? And if the voters can amend the constitution on a 65% vote, who is in charge? As culture changes, do your controls keep pace?
And if you never enforce a control, does that mean it’s working?
“Goldman Shakes Up Top Ranks In Asia,” The Wall Street Journal, October 22, 2018 B3. Following appointment of a new CEO for Goldman, two chiefs of investment banking being moved out of management roles following a corruption scandal of unreported dimensions in Asia.
It’s unclear from this article whether this is just a normal change (therefore just a Governance issue, with the new CEO exercising his authority in the early days) or is somehow connected to the corruption scandal (and therefore somehow a consequence of some Compliance failure).
That’s a catchy headline.
“Facebook Thinks Hack Was Set by Spammers,” The Wall Street Journal, October 18, 2018 B1. FB says recent breach of ~30 million accounts was by spammers wanting to make profits, and not by nation states with evil motives. FB will likely never find who took the information.
This raises a whole host of issues about information ownership and the duty of companies who handle and store your data. And IT security, or insecurity. Which is your favorite? I personally favor what this says about the culture at FB; with these issues, the FB communication to the market and its shareholders and its customers speaks volumes about how FB views the risks of its business. So now a denial is Information, by definition.
Filed under Access, Communications, Compliance, Compliance (General), Controls, Corporation, Culture, Definition, Directors, Duty, Duty of Care, Employees, Governance, Information, Interconnections, Internal controls, Investor relations, IT, Oversight, Ownership, Privacy, Protect assets, Security, Technology, Third parties, Who is in charge?
“Google CEO Faces GOP Scrutiny,” The Wall Street Journal, September 25, 2018 A6. GOP lawmakers look to discuss Google’s work in (and with) China, market power, and political bias affecting search results.
Does Washington, much less the GOP, have the power to govern Google? From whence does that power to govern come, and what does that power control? What is Google alleged to have done wrong?
Watch this space.
“Report: Big Tech Needs Fixes,” The Wall Street Journal, September 25, 2018 B4. Report from Harvard concludes that Facebook, Google, Twitter, and Apple and similar tech giants “can’t be trusted to police themselves” and should be able to continue to swallow up smaller companies to get user data.
So, who governs the ungoverned? Themselves? Their shareholders? These companies have and continue to acquire and control vast swaths of information belonging to others.
Do we care?
To have governance, is a single point of accountability required?
“Workers Deal With Too Many Bosses,” The Wall Street Journal, August 21, 2018 B1. According to a recent poll, two-thirds of employees have more than one boss. Some employees respond by trying to manage their bosses.
From a Governance perspective, if you have multiple bosses, who sets your priorities? Who establishes the policies and procedures and instructions that you, as an employee, must follow? How does one resolve conflicts?
And which one person in your organization bears responsibility/accountability for the overall Governance of your company’s Information? Your company’s overall Compliance with law and with company policy and procedures?
Without such a single point of accountability/responsibility, who gets punished if things don’t go right? If no one is held responsible/accountable at the C-suite level, do you really have a program-in-fact, as opposed to a program-on-paper?
Filed under Compliance, Compliance (General), Controls, Corporation, Directors, Duty, Employees, Governance, Internal controls, Supervision, Who is in charge?