Category Archives: Legal

Barriers to entry

“Europe’s New Consumer Privacy Law Gives Edge to Tech Giants,” The Wall Street Journal April 24, 2018 A1.  The General Data Protection Regulation, which goes into effect next month, protects consumers but also gives Google and Facebook an advantage.

By wielding their power over advertisers and taking a strict interpretation of the law, Facebook and Google can make it really difficult for competitors to establish competing platforms.

Is this what the European regulators anticipated?

Advertisements

Leave a comment

Filed under Access, Compliance, Controls, Corporation, Duty, Governance, Privacy, Requirements, Third parties, Vendors

Reliance

“U.S. Prosecutors to Weigh Criminal Case for McCabe,” The Wall Street Journal, April 20, 2018 A1. The DOJ Inspector General referred the case/matter of former FBI Deputy Director for criminal prosecution over his responses to investigators looking into leaks.

What does it say about the culture of an organization when two of its top officers, both of whom are lawyers, may have lied to federal investigators?  And what if that organization’s mission is the investigation of crimes?

How much do we rely on institutions and professionals to provide governance and to stand as examples of compliance?  Is that reliance justified?

Leave a comment

Filed under Compliance, Compliance (General), Controls, Culture, Duty, Employees, Governance, Government, Lawyers, Legal, Requirements

Dadah is Death

News alert: Countries have different laws.

“Malaysia Aims at ‘Fake News,'” The Wall Street Journal, March 27, 2018 A6.  In the run-up to national elections, new law proposed to impose a prison sentence of up to 10 years for spreading fake news.

As information governance, this has some interesting elements.  News that hasn’t been approved by Malaysian authorities will be considered “false.”  What controls does your country or company put on the sharing of information?  Are they enforced?  Effective?

This law may also apply to “media organizations” outside Malaysia in certain circumstances. But “the government wouldn’t suppress opposing views.”  Well, that makes us comfortable.

Leave a comment

Filed under Accuracy, Compliance, Compliance (General), Controls, Data quality, Duty, Governance, Legal, Requirements, Who is in charge?

Privacy is dead; suspect under arrest

I don’t know what the record is for consecutive days on which one company’s screw-up was on the front page of The Wall Street  Journal, but Facebook is in the running.

“U.S., States Step Up Pressure on Facebook,” The Wall Street Journal, March 27, 2018 A1.  “[F]ederal regulators [including the FTC] … and 37 state attorneys general demanding explanations for [Facebook’s privacy] practices.” Stock price up 0.4% (when the market was up 669.40 points).  Demands/invitations that Zuckerberg (and Google and Twitter) testify before Congress.  And Europe hasn’t weighted in yet.

There is also a pop-up that describes FB’s practice of logging some calls and texts from Android phones.  Did you (we) know that?  Do you know what companies are doing with “your” data?  Do you care?  Privacy is dead; Facebook investigated as person of interest.

I guess that answers the question of who’s in charge:  the Feds and the states.  I guess I missed the outrage when essentially the same data was collected and used quite effectively by the Obama campaign.

Leave a comment

Filed under Compliance, Compliance (General), Controls, Corporation, Duty, Duty of Care, Governance, Government, Information, Internal controls, Legal, Oversight, Ownership, Privacy, Protect assets, Requirements, Third parties, Vendors, Who is in charge?

Public utility

Is YouTube a public utility, subject to government control and with an obligation to serve all comers?  Or is it something else, subject to different rules?

“YouTube Clamps Down on Gun Videos,” The Wall Street Journal, March 22, 2018 A4.  YouTube decides to restrict certain videos about guns and gun sales.

Once you open your business up to the public, don’t you have an obligation to allow legal conduct on your site?  Where else can you refuse to serve someone who wants to do something that’s legal?  Say, for instance, could YouTube forbid any use of its site by Democrats, Republicans, or Catholics?

Where do you draw the line, and who draws it?

Leave a comment

Filed under Access, Accuracy, Compliance, Content, Controls, Corporation, Duty, Governance, Internal controls, Policy

Who’s responsible for your information technology?

Who’s at fault when your technology doesn’t work?  Isn’t that an inherent risk in any technology?

“NYSE to Settle With SEC Over Malfunctions,” The Wall Street Journal, March 7, 2018 B15.  NYSE penalized $14 million for not preventing “outages of critical market infrastructure” in August 2015.

Crazy the the government can create a rule making you liable if technology fails.  But then, you have to comply with the applicable requirements.

 

Leave a comment

Filed under Compliance, Controls, Corporation, Duty, Duty of Care, Governance, Internal controls, IT, Oversight, Requirements

Keeping track

Your can keep track on paper, or have a machine do it.  Which is better for compliance?

“Electronic Logs to Rule the Road,” The Wall Street Journal, December 16, 2017 B3.  For many years, larger trucking companies have used electronic systems to monitor how many hours their drivers drive, and thus comply with various DOT regs.  Now smaller companies will have to follow suit.

 

Leave a comment

Filed under Accuracy, Collect, Compliance, Controls, Corporation, Data quality, Duty, Employees, Governance, Information, Internal controls, Management, Oversight, Requirements, Third parties, To report, Value