Category Archives: Definition

Information economy

“Alternative Data Is Valued on Wall Street,”The Wall Street Journal, November 2, 2018 B1.  Companies mine different types of available information to help traders.

Is information is worth so much, won’t someone start a business to provide it?  Apparently.  What should you be monitoring to understand how your customers make their purchasing decisions, or what your competitors are doing?

Drones looking at parking lots and where are the iPhones coming from and going to and how many construction permits were issued?  What’s your metric?  How do you measure it?

Leave a comment

Filed under Access, Analytics, Collection, Data quality, Definition, Information, Use, Value


“Market Cheats Get Caught More Often,” The Wall Street Journal, November 1, 2018 B10.  Traders manipulating prices by spoofing real futures trades are getting caught and prosecuted for criminal violations.  Exchanges cooperating with enforcement authorities.

If accurate information is worth X, what is inaccurate information worth?  It depends, whether you are buying or selling based on it.

So, this is both Information (information includes both accurate and inaccurate information) and Governance (manipulating market trades with false information is a crime that the CFTC and DOJ prosecute).

Leave a comment

Filed under Accuracy, Compliance, Compliance (General), Controls, Corporation, Data quality, Definition, Duty, Duty of Care, Employees, Governance, Information, Oversight


What happens when you have to disclose your secret sauce?

“13 Secret Steps for Harvard Admission — They May Not Help,” The Wall Street Journal, October 29, 2018 A1. Analysis of admissions data shows what affects (helps, hurts) your chances of admission.

If you were Harvard, would you want to keep this secret, to prevent people from gaming the system?  If you were an applicant, wouldn’t you want to know?

Certainly, this is Information, but to what is it relevant?  Can you use it effectively, or is it just interesting?  What’s it worth to you?

From a Governance perspective, did Harvard have sufficient controls in place to prevent both the violation of law and the appearance thereof?  We’ll see.

Leave a comment

Filed under Access, Analytics, Compliance, Controls, Definition, Governance, Information, Internal controls, Value

It’s all information

This blog explores, from time to time, the outer reaches of the intersection(s) of Information, Governance, and Compliance.

Consider, for a moment, a fingerprint.  Not what you normally consider “information.”  And one seldom thinks of “managing” a fingerprint.  Who owns your fingerprint?  But consider the value of a fingerprint, and both the failure to “manage” or control where that fingerprint can be found and the ability to find that fingerprint and locate its owner.  How much information governance is involved in this process?

“Fingerprint Leads to Arrest Of Bomb Suspect in Florida,” The Wall Street Journal, October 27, 2018 A1.  Alleged mail bomber’s fingerprint in a package sent to a legislator leads to arrest of suspect.

Which leads me to the question,”What is there that isn’t information that is managed or controlled in our lives, or a least directly related to information that is managed?”  I struggle to find an example of something that isn’t information, or directly related (perhaps somewhat remotely) to information that is managed or controlled.


Leave a comment

Filed under Access, Accuracy, Analytics, Collect, Compliance, Controls, Data quality, Definition, Duty of Care, Governance, Information, Management, Oversight, Ownership, Records Management, Risk assessment, Use, Value

Hackers look to make money

That’s a catchy headline.

“Facebook Thinks Hack Was Set by Spammers,” The Wall Street Journal, October 18, 2018 B1. FB says recent breach of ~30 million accounts was by spammers wanting to make profits, and not by nation states with evil motives.  FB will likely never find who took the information.

This raises a whole host of issues about information ownership and the duty of companies who handle and store your data.   And IT security, or insecurity.  Which is your favorite?  I personally favor what this says about the culture at FB; with these issues, the FB communication to the market and its shareholders and its customers speaks volumes about how FB views the risks of its business.  So now a denial is Information, by definition.

Leave a comment

Filed under Access, Communications, Compliance, Compliance (General), Controls, Corporation, Culture, Definition, Directors, Duty, Duty of Care, Employees, Governance, Information, Interconnections, Internal controls, Investor relations, IT, Oversight, Ownership, Privacy, Protect assets, Security, Technology, Third parties, Who is in charge?

Information delayed

“Advertisers Allege Facebook Put Off Disclosing Error,” The Wall Street Journal, October 17, 2018 B1.  Facebook sued two years ago for knowing the statistics on how long users were looking at videos were flawed, overstating the average time videos were viewed but failed to let the advertisers know.  So advertisers paid for posting videos based on inaccurate information from the seller (Facebook).

I guess one could comment on the culture at Facebook that would permit this behavior, or upon the Compliance implications of the apparent failure to punish anybody (employees, directors) for this apparent breach of customer trust. But instead one could focus on how much value Facebook derived from not disclosing information about known defects in its processes.  So, either (a) the definition of Information includes information you don’t disclose or (b) the value of information can include the value of not disclosing it.

The documents turned over in discovery are not favorable to FB.

Leave a comment

Filed under Accuracy, Communications, Compliance, Compliance (General), Controls, Corporation, Culture, Data quality, Definition, Directors, Duty, Duty of Care, Employees, Governance, Information, Internal controls, Oversight, Reliance, Supervision, Technology, To report, Value


“Senator Releases DNA Test Results,” The Wall Street Journal, October 16, 2018 A4.  Senator Elizabeth Warren released DNA results about her ancestry.

Facts are facts.  And labels are labels, and not necessarily facts.  How much of a certain DNA do you need to have to be a minority, entitled to affirmative action?

So, the blood results are information.  But who has the power to decide who is and who is not a Native American?  Are labels just short-hand opinions?  And, as opinions tend to do, are either right or they’re wrong, with the actual facts determining the actual truth or falsity.

Leave a comment

Filed under Analytics, Data quality, Definition, Information

Sexual assault

I hesitated to discuss the Kavanaugh hearings as an information governance teaching case, due to the raw political nerves.  Another case presented itself.

“A Sexual-Assault Claim Spotlights National Dilemma,” The Wall Street Journal, October 15, 2018 A1.  A state employee in New Jersey promptly reported an assault to the police, and even wrote to the governor and his wife.  The alleged assailant also works for the state.  The matter was investigated, but the state did not prosecute the alleged assailant.

How does the victim document and prove an assault?  What evidence, beyond her word, is required to secure a conviction?  Immediate outcry?  DNA results?  Video?  Is the absence of information itself information?

How does the alleged assailant establish his or her innocence?  How does the state investigate and how does it decide whether to prosecute?  How does the judge or the jury decide, based on what evidence?  What documents and policies govern the process?  How do we protect the privacy of the complainant and the defendant until a verdict is rendered (and beyond)?

I know this may seem to have wandered rather far afield from the focus of this blog.  But this involves serious questions around Information, and Compliance, and Governance.  If we agree the system isn’t working, how do we propose to fix it?  What controls can we put in place, beyond talking to our sons and daughters?  How do we establish a process that protects the rights of everyone?


Leave a comment

Filed under Compliance (General), Controls, Definition, Duty, Governance, Information, Internal controls, Privacy, Third parties

Who’s spreading the news?

“Egypt Send Actress to Jail for ‘Fake News,'” The Wall Street Journal, October 1, 2018 A9. Woman posting video on Facebook claiming sexual harassment posted on Facebook sentenced to two years in jail.

Publishing fake news with intent of toppling regime.  Egypt has some problems with sexual harassment.  Appeal expected.

Notice that the government prosecuted the woman, and not Facebook.

Leave a comment

Filed under Accuracy, Compliance, Compliance (General), Controls, Culture, Data quality, Definition, Duty, Governance, Information, Internal controls, Oversight, Third parties


Labels are shorthand.  Does the person using the label mean the same thing as you do?

“For Some Bonds, It’s Too Easy Being Green,” The Wall Street Journal, August 20, 2018 B1.  A quarter of Chinese bonds marketed as green bonds were rejected by “a de facto watchdog for the market” as not really being environmentally friendly.

On the Internet, no one knows you’re a dog.  In the world of finance, who validates your dogness?  What does it say about a company that tells fibs about the greenness of their bonds?

Are labels inherently suspect?  Or inherently believable?

Leave a comment

Filed under Accuracy, Communications, Controls, Culture, Definition, Governance, Information, Internal controls, Third parties