“Wall Street Analysts Are Selling More Data,” The Wall Street Journal, November 8, 2018 B11. Analysts are searching and make available a bunch of information on your information, including “social media sentiment … and geospatial mapping.” Think of it as expanded research reports.
Well, they are in the business of reviewing data and offering opinions (for a price). Is it much of a disintermediation for them to start selling the information directly? I guess there’s money in it. Or service.
Filed under Access, Analytics, Collect, Controls, Corporation, Duty, Information, IT, Management, Operations, Ownership, Security, Third parties, Use, Use, Value
This blog explores, from time to time, the outer reaches of the intersection(s) of Information, Governance, and Compliance.
Consider, for a moment, a fingerprint. Not what you normally consider “information.” And one seldom thinks of “managing” a fingerprint. Who owns your fingerprint? But consider the value of a fingerprint, and both the failure to “manage” or control where that fingerprint can be found and the ability to find that fingerprint and locate its owner. How much information governance is involved in this process?
“Fingerprint Leads to Arrest Of Bomb Suspect in Florida,” The Wall Street Journal, October 27, 2018 A1. Alleged mail bomber’s fingerprint in a package sent to a legislator leads to arrest of suspect.
Which leads me to the question,”What is there that isn’t information that is managed or controlled in our lives, or a least directly related to information that is managed?” I struggle to find an example of something that isn’t information, or directly related (perhaps somewhat remotely) to information that is managed or controlled.
Filed under Access, Accuracy, Analytics, Collect, Compliance, Controls, Data quality, Definition, Duty of Care, Governance, Information, Management, Oversight, Ownership, Records Management, Risk assessment, Use, Value
“Apple CEO Urges Action on Data Misuse,” The Wall Street Journal, October 25, 2018 B1. Tim Cook wants GDPR-style privacy protections in the US. Claims “[o]ur own information … is being weaponized against us with military efficiency.”
He went on to suggest that the data collection practices of some online advertising companies are the equivalent of government surveillance.
How do we wrest control of our information back again? Or is privacy dead? And do we believe that our federal legislature is competent to develop the necessary (and effective) legal controls and protections that true Governance requires?
Filed under Access, Accuracy, Analytics, Controls, Corporation, Duty, Duty of Care, Governance, Government, Information, Oversight, Ownership, Ownership, Policy, Privacy, Technology, Third parties, Value
That’s a catchy headline.
“Facebook Thinks Hack Was Set by Spammers,” The Wall Street Journal, October 18, 2018 B1. FB says recent breach of ~30 million accounts was by spammers wanting to make profits, and not by nation states with evil motives. FB will likely never find who took the information.
This raises a whole host of issues about information ownership and the duty of companies who handle and store your data. And IT security, or insecurity. Which is your favorite? I personally favor what this says about the culture at FB; with these issues, the FB communication to the market and its shareholders and its customers speaks volumes about how FB views the risks of its business. So now a denial is Information, by definition.
Filed under Access, Communications, Compliance, Compliance (General), Controls, Corporation, Culture, Definition, Directors, Duty, Duty of Care, Employees, Governance, Information, Interconnections, Internal controls, Investor relations, IT, Oversight, Ownership, Privacy, Protect assets, Security, Technology, Third parties, Who is in charge?
“Restaurants See Value In Big Data,” The Wall Street Journal, October 3, 2018 R5. A mobile app asks restaurant patrons to provide a bunch of information about themselves so that the restaurant can serve them better.
The app requests data about the patrons’ allergies. I was surprised that the restaurant quoted in the article is in California. Can you collect and store this information in California without infringing on the patrons’ privacy? Are there limits on what the restaurant can do with this information? Loyalty programs generally collect data about you. Do you care?
What could go wrong?
Filed under Access, Collect, Compliance, Compliance (General), Controls, Corporation, Duty, Governance, Information, Internal controls, Management, Ownership, Value
“Panel Votes to Release Probe Records,” The Wall Street Journal, September 29, 2018 A3. House committee votes to release some but not all of the transcripts of testimony given behind closed doors about possible Russian interference in the 2016 elections.
Interesting that, as an interviewee, you have no control over what investigators then do with what you said. You don’t “own” that. So, the government “governs” that information, and can ask that it be declassified; you can’t object. But the government can decline to make some of this public, as they did here (testimony of two members or Congress were not in the interviews to be released). Power is an interesting thing.
And, as the public, you have no “right” to that information unless Congress and various intelligence agencies agree.
Filed under Access, Communications, Controls, Duty, Governance, Government, Information, Internal controls, Oversight, Ownership, Third parties, To report
“Yahoo, Bucking Industry, Scans Emails for Data to Sell,” The Wall Street Journal, August 29, 2018 A1. Unlike its competition, Verizon scans your Yahoo and AOL emails and shares the data with advertisers trying to sell you stuff.
This blog focuses in part on Compliance with law and company policy and procedures. Does one need to comply with the practices of others in the industry, even where that is not required? Do “market forces” act as part of the Governance structure?
We already know that Yahoo feels it owns the data you exchange over their platform. But telling others what sites you’ve visited is a bit different than telling them what you may have been mentioned in your email.