“Huawei Equipment Has Major Security Flaws, U.K. Says,” The Wall Street Journal, March 29, 2019. Absence of company-wide security practices at issue.
This one would send you scrambling for your crisis management manual. What happens when the US government says your product has a security defect?
It’s not really possible to manage what the US government says about you. How is this information being used? How do you manage the consequences? Is this just a part of the China-US trade spat? How do you deal with your customers? How do your customers react?
Maybe a slight departure from the normal focus of this blog. But involves having the right processes (Governance) and complying with those processes (Compliance). And a bit of Use and Information.
“HUD Action Against Facebook Signals Trouble for Other Platforms,” The Wall Street Journal, March 29, 2019. Do ads targeting specific races/religions constitute discrimination?
How does Facebook use the information it has collected? Can advertisers on Facebook pick which users get their ads, and restrict others from seeing those ads? Could the ad be directed at one race of users and not another, or one age, or one ethnic group, or one religion? Google got a party invite as well.
“The allegations against Facebook amount to a modern spin on redlining, or the historic practice by some real-estate brokers, lenders and others of drawing red lines around low-income and minority neighborhoods and either denying services, or targeting them with higher rates.”
And what does it mean when, in the space of a week, three different agencies of the federal government have taken action in this space? First, the FTC with broadband providers. Then the SEC with the PII in a database. And now this. Is there an Invisible Hand at work?
“Workers Push Back as Companies Gather Fingerprints and Retina Scans,” The Wall Street Journal, March 28, 2019. State statutes provide workers and others additional rights.
Fingerprints and facial scans are information, just as much as a tax return. There are limits on how much a business can “capture” from you, and what that business can do with that information. In Illinois, and perhaps other states in the near future, employees and customers can sue if the employer hasn’t taken the right steps.
So, there’s Information. There’s Governance (by the government and, perhaps, by a business), and Use, and Compliance. This one hits on all four.
[Thanks, Judy. I would have gotten here; just takes some time. Ed.]
“Journalists Face Prison Over Reporting George Pell Sex-Abuse Conviction,” The Wall Street Journal, March 26, 2019. Australian journalists defy judge’s gag order over the conviction of a Cardinal for sex abuse.
Prior restraints on speech and the press are largely prohibited in the US, due to Constitutional protections. But that’s not universal.
All four major vectors touched: Governance (who’s in charge? what controls?), Information (a criminal conviction of a priest for child sex abuse), Compliance (journalists complying, vel non, with a court order), and Use (by the journalists).
“FTC Orders Broadband Providers to Explain Data Collection Policies,” The Wall Street Journal, March 26, 2019. The government begin to explore how broadband companies handle your private information.
While some have questions about whether there is any Constitutional right to privacy, penumbras notwithstanding, it is interesting to see a government agency begin to look into how some major providers are dealing with (e.g., handling, protecting, using) “your” information. Is privacy a property right protected by the Constitution or an unalienable right under the Declaration that governments are obligated to protect?
Seems like Governance to me, and maybe Compliance. Certainly Information and Use.
“Prosecutors Drop All Charges Against Actor Jussie Smollett,” The Wall Street Journal, March 26, 2019. Charges dismissed against actor accused of faking a hate crime attack.
Not what you’d readily recognize as an information governance story. But think about the information used in filing the police reports and the controls in place to prevent false police and news reports and unjustified criminal convictions and punishments, and how well they worked. At the police and prosecutors’ offices, the courts, and in newsrooms around the country (world).
Does your company act on unproven or unreliable information? What does that cost? What controls do you have in place? Today’s quiz: how does this fit under the headings of Governance, Information, Compliance, and Use? Identify and discuss.
“Duke University Agrees to Pay $112.5 Million in Whistleblower Suit Over Grants,” The Wall Street Journal, March 25, 2019. University employee used fake data to secure federal grants.
The university employee had been found to be embezzling. A whistleblower (using his brother as his attorney) sued under the False Claims Act.
Not a good month for prestigious universities.
Governance, Compliance, Information, and Use all in one story. The university didn’t have sufficient controls (Governance) to manage the Information its employees were submitting to the government, and a whistleblower apparently spoke to his attorney brother and then sued to enforce Compliance (and get a slice of the recovery). Now there’s a compelling case for the use and value of information about a colleague’s bad behavior.
“Publishers Sue Peloton for Use of Songs From Drake, Lady Gaga,” The Wall Street Journal, March 20, 2019. Allegedly, only some songs properly licensed.
Oops. You try to comply with the law in getting licenses from the right people, but fail. So you use their information improperly and face a suit for $150 million, right before your IPO.
Do you have controls in place (Governance) to make sure you don’t use copyrighted material without a license (if necessary)?
“FCC Tackles 911 Dilemma: What Floor Are You Calling From?,” The Wall Street Journal, March 18, 2019. Will technology need to track your altitude?
Finding people calling 911 from a cellphone within a building can be problematic. So the FCC is proposing to require that the information from your wireless phone include your altitude, and within 10 feet.
So, we have Governance by the FCC. And Information, generated by your cellphone. And Compliance, sort of. And using the newly required information as well.
Who owns the data about where you eat?
“Who Controls Diners’ Data? OpenTable Moves to Assert Control,” The Wall Street Journal, March 16, 2019. “The table-booking service will block restaurants from giving competitors access to diner data acquired through OpenTable unless they pay new fees, according to its updated client agreement and a copy of a new pricing plan viewed by The Wall Street Journal.”
I guess this goes a bit to the value of information. Let’s see: the restaurant where you made the reservation doesn’t own that data, the app that provided it to the restaurant does. But you don’t.
And OpenTable seems to recognize the value of the information it has collected and, either to protect its customers’ privacy or its own profits, OpenTable has established controls and is governing that information.