Category Archives: Interconnections

It’s a theme

In the prior post, I expressed some shock and amazement that Amazon would meddle with the patient-doctor relationship.  See www.infogovnuggets.com/2018/12/03/these-folks-have-lost-the-plot/.

Apparently I am not alone in raising some questions about the antitrust implications of some of Amazon’s behavior. “Germany Opens Amazon Antitrust Probe, Adding to European Scrutiny,” The Wall Street Journal, November 30, 2018 (online).  Is Amazon hindering other sellers on their website?

This is primarily a Compliance issue.  I note, however, that the types of behavior at issue here are basic antitrust blocking and tackling.  If you get to a certain size, you can no longer get away with behavior that would be acceptable by a smaller player. Sometimes this isn’t part of the Compliance education package.

 

Advertisements

Leave a comment

Filed under Compliance, Compliance (General), Controls, Corporation, Duty, Governance, Interconnections, Legal, Requirements, Third parties

Chinese hacking alleged

“U.S. Charges Agents Of China Hacked Aviation Firms,” The Wall Street Journal, November 1, 2018 B4. Agents of the Chinese government indicted for trying to steal airline industry technology.

This is getting to be rather routine.  One part of this is the value of Information, and the importance of information security.  One part of this is Compliance, of course, as the US government is trying to protect the US information assets (although the company at issue probably had some responsibility for this as well, as well as their board of directors).  And, of course, Governance, as the US government is prosecuting.

We all know the business case for cyber-security.

Leave a comment

Filed under Access, Compliance, Compliance (General), Controls, Corporation, Duty, Duty of Care, Governance, Government, Information, Interconnections, Internal controls, IT, Oversight, Protect assets, Security, Third parties

It depends on your point of view

“U.K. Plans to Introduce Digital Tax on Tech Firms,” The Wall Street Journal, October 30, 2018 A9.  Rather than further regulating firms like Google and Facebook, the UK now tried to tax their locally generate revenue.

The lack of a universal taxing methodology may cause the big players some headaches.  Compare the patchwork of privacy obligations if you operate in different countries (or states).

Look at this from two different views.  First, how does a large multi-national comply with all the different laws around the world?  Second, how does your company deal with the overlapping laws and your own corporate policies and procedures, which may apply differently to different parts of your company?

While one-size-fits-all makes sense at one level (if you’re on top of the Governance pyramid), does this process require a bit more granular differentiation (if you are on the bottom)?

 

 

Leave a comment

Filed under Compliance, Controls, Governance, Interconnections, Internal controls, Oversight, Third parties, Who is in charge?

Non-disclosure non-agreement

“SEC Keeps Study On Speed-Bump Trading Under Wraps,” The Wall Street Journal, October 25, 2018 B11.  SEC has done a study of controls that slow down high-frequency traders, but hasn’t released that publicly.

The SEC is in charge of protecting the stock trading system.  As such, it watches over how quickly information moves within that ecosystem, and whether access is available to all at the same time.  But the SEC refuses to release the unredacted text of a study that it did on the impact on “controls” that limit the ability of high-speed traders to take unfair advantage of their access to information.

Curious as to why (and what) the government doesn’t want us to know.  Who oversees the government? (Hint: a free press is one of them).

Leave a comment

Filed under Access, Accuracy, Controls, Data quality, Duty, Governance, Government, Information, Interconnections, IT, Oversight, Technology, Third parties, To report, Value

Hackers look to make money

That’s a catchy headline.

“Facebook Thinks Hack Was Set by Spammers,” The Wall Street Journal, October 18, 2018 B1. FB says recent breach of ~30 million accounts was by spammers wanting to make profits, and not by nation states with evil motives.  FB will likely never find who took the information.

This raises a whole host of issues about information ownership and the duty of companies who handle and store your data.   And IT security, or insecurity.  Which is your favorite?  I personally favor what this says about the culture at FB; with these issues, the FB communication to the market and its shareholders and its customers speaks volumes about how FB views the risks of its business.  So now a denial is Information, by definition.

Leave a comment

Filed under Access, Communications, Compliance, Compliance (General), Controls, Corporation, Culture, Definition, Directors, Duty, Duty of Care, Employees, Governance, Information, Interconnections, Internal controls, Investor relations, IT, Oversight, Ownership, Privacy, Protect assets, Security, Technology, Third parties, Who is in charge?

Weakest links

“Smart Devices Draw New Defenses,” The Wall Street Journal, October 18, 2018 B1.  Companies move to add security to the Internet of Things things, like interconnected devices inside your home (e.g., cameras, routers, refrigerators, and tvs).

Do we really know how insecure the appliances you have in your house?  Do we really care?  I posted earlier today about Apple in China building and selling phones that have the option, but not the requirement to have two-factor authentication.  Is the user the weakest link?

Leave a comment

Filed under Access, Controls, Duty, Interconnections, Internal controls, IT, Security, Technology, Third parties

Apple watch

“Turkey Says Journalist’s Killing Was Recorded,” The Wall Street Journal, October 12, 2018 A1.  Turkey alleges audio and video demonstrate that Jamal Khashoggi was killed in the Saudi consulate in Istanbul.

Was this captured in part on his Apple Watch?

Do we lose sight of the places where information can be found?  How would (or do) we control this  in our organization?  A visitor who wears a watch?

Leave a comment

Filed under Controls, Information, Interconnections, Internal controls, IT, Security, Technology, Third parties