What are you buying when you go to the grocery store? Organic bananas?
Not if you’re Amazon.
“Big Prize for Amazon: Shopper Data,” The Wall Street Journal, June 21, 2017 B5. Amazon seeks to buy Whole Foods, but for what? Its hard assets such as stores and locations? Its customer base? Its purchasing and distribution network? More likely: information on how shoppers shop.
If you’re the government agency in charge of approving or disapproving this deal, how do you analyze the impact on competition? What is the “market” that needs to be analyzed? Is this a vertical or horizontal deal? Or something else?
Is most of the value (to Amazon) in this deal the information that it gets? Where’s that on the Whole Foods balance sheet?
Apparently, keeping the identities of confidential informants secret poses some challenges. Are there information governance lessons to be learned?
“Inmates Targeting Informants,” The Wall Street Journal, June 21, 2017 A3. “[C]lose to 700 witnesses and informants believed to have cooperated with the government have been threatened, wounded or killed” over three years. One source of information: online court records that provide clues as to who cooperated with the prosecutors. Some inmates may be posting their sentencing files to establish their bona fides.
Hard to classify this in this blog. Does this pertain to
- the value of accurate and complete information
- the risk in making information widely available
- the government’s duty to protect informants
- the government’s duty to have a transparent criminal justice system
- a defendant’s right to confront his/her accusers
- the need for security and the difficulty in providing it
- the proactive value of disclosure
- the fact that information can be misused
- the difficulty in creating effective controls
Filed under Access, Accuracy, Communications, Compliance, Controls, Data quality, Duty, Duty of Care, Governance, Government, Information, Internal controls, Oversight, Privacy, Protect assets, Risk, Third parties, Value
One unique aspect of information is that it can be stolen, yet remain in the owner’s possession. Apparently, medical facilities are required to report if your medical information is stolen, but not if it is merely kidnapped and held for ransom.
“Some Cyberattacks Go Unreported,” The Wall Street Journal, June 19, 20127 B3. Whether hospitals need to report a ransomware attack of their files as a data breach is a “gray area,” and the federal government doesn’t require such reports, even if the government knows about them. Some hospitals don’t report ransomware attacks, so these attacks are not in the HHS statistics.
So, patients don’t know when hospitals have weak security protection. What value, then, are the government statistics? Do they need a big asterisk?
Filed under Controls, Corporation, Data quality, Duty, Government, Information, Internal controls, IT, Legal, Requirements, Security, Third parties, To report, Value
Uber fired the executive at the heart of the dispute with Google over self-driving cars. The exec failed to meet a deadline to comply with a court order to turn over documents in a trade secret case over self-driving cars. “Uber Fires Executive At Center Of Suit,” The Wall Street Journal, May 31, 2017 A1.
Lesson? If you hire an employee from a competitor and he’s accused of stealing his former employer’s trade secrets, try your best to look good.
What’s your process for keeping new employees, especially from competitors, from damaging your business and your reputation by bringing in your competitor’s trade secrets? Did you follow it, or is it just there for show?
Filed under Communications, Compliance, Controls, Corporation, Duty, Employees, Governance, Information, Internal controls, Management, Managers, Oversight, Ownership, Policy, Protect, Third parties, Value
Gee, how important are computers to your company? Or, more importantly, the information they contain?
“Big Outage Dogs British Airways,” The Wall Street Journal, May 30, 2017 B3. A power surge apparently takes out BA’s entire IT system. No flights, no baggage, and no customer communications. This is partly a business continuity problem, and is a predictable hazard (I was working at Amoco in Chicago in the 90’s when a flood took out the email servers that were then in the basement- Ed.). But it also highlights how important access to information is to having your business run right. If you put all your eggs in one basket, watch that basket.
What happens when you have so much information that you can’t read it all? “U.K.’s MI5 Begins Internal Probe,” The Wall Street Journal, May 30, 2017 A9. Apparently, the suicide bomber in Manchester was on, and then off, the security service’s radar screen. He was one of 20,000 suspects, but not among the 3,000 most active ones.
Filed under Access, Accuracy, Business Continuity, Communications, Controls, Duty, Governance, Government, Information, Interconnections, IT, Operations, Oversight, Supervision, Third parties, Value
“FCC Won’t Move Against Colbert for Crude Remarks,” The Wall Street Journal, May 24, 2017 A3. Remarks about Trump don’t draw a fine. The question remains, what will? What’s the impact of the regulator not even trying to enforce regulatory standards?
“Pakistan Investigates Social-Media Critics of Its Military,” The Wall Street Journal, May 24, 2017 A8. Twenty-seven critics investigated for “unacceptable” comments criticizing and ridiculing the military and judiciary. The FCC wasn’t consulted.
2. “U.S. Sues Chrysler Over Emissions Tests,” The Wall Street Journal, May 24, 2017 B1. Apparently VW wasn’t the only one seeking to game the emissions-testing process.
3. “Human Still Rule Machines in Insurance,” The Wall Street Journal, May 24, 2017 B1. Despite the new sources of data, and the ability of computer programs to determine how much an individual insurance policy should cost, humans are still a necessary decision-maker.
4. “Target Settles Probe Into Its 2013 Hack,” The Wall Street Journal, May 24, 2017 B3. Following the 2013 data breach, Target pays an additional $18.5 million to settle state charges.
5. “High-Ranking Chinese Regulator Faces Probe,” The Wall Street Journal, May 24, 2017 B14. Assistant chairman of the China Banking Regulatory Commission fired for breaking the rules. Details not available.
Filed under Accuracy, Analytics, Compliance, Compliance, Controls, Corporation, Culture, Duty, Employees, Governance, Government, Information, Internal controls, Management, Managers, Oversight, Supervision, Value
If the Board asks how much the company paid for something, “I don’t know” isn’t a good answer. Neither is “We can’t track that today.”
“Algorithms Help Calpers Tally Fees,” The Wall Street Journal, May 23, 2017 B1. The question was how much the pension plan had paid private-equity managers in performance fees. It turns out the answer was $3.4 billion, over 25 years, with $490 million last year. Answer was derived using algorithms.
“It took five years to develop a new data collection system that requires private-equity managers to fill out various templates describing their various fees.”
How comforting – a self-graded exam for $3.4 billion in fees.
What’s information worth? How can you manage without it? How did they?
Filed under Access, Analytics, Board, Collect, Controls, Corporation, Data quality, Directors, Duty, Governance, Information, Internal controls, Management, Operations, Oversight, Oversight, Protect information assets, Third parties, Use, Use, Value, Vendors