Would the agency in charge of gathering data on the budget deficit “massage” the numbers to make the deficit look worse?
“Greeks Investigate Statistics Chief Over Deficit Figure,” Wall Street Journal, March 23, 2015 A8. A prosecutor filed criminal charges alleging falsification of data (they don’t have 18 USC §1519 in Greece) against the head of the statistics agency. Was the deficit 4% of GDP in 2009 or 15%? More than a rounding error.
What happens if government numbers are a political football? Who’s watching this?
Filed under Business Case, Collect, Compliance, Compliance, Compliance, Compliance Verification, Data quality, Duty of Care, Governance, Management, Oversight, Oversight, Reliance, Risk, Use
Who owns information that’s freely available, but time-consuming to collect again?
That’s the problem as Google and Bing and others try to map the next frontier: the uncharted depths of the favelas in Rio.
Does the State own the data, even though they don’t have it charted yet? What about other explorers who have charted it already and who gave the map to the State? What about the criminal gangs that exercise dominion over the area, and who may want to be harder to find? What about the residents, or the shopkeepers?
“Google, Microsoft Expose Brazil’s Slums,” Wall Street Journal, September 26, 2014 B1. The rising availability of smartphones and internet access supports a need for being able to navigate even the slums. How do entrepreneurs monetize the data collected? Is the information worth more to Google than they are willing to pay?
Do Lewis & Clark still get royalties on their maps?
What information do you have? Does making money require you to hide that information, or can you just rent it to others? Is it your information? Can you just use it?
“SEC Is Examining Pricing at Pimco,” Wall Street Journal, September 24, 2014 C1. Allegations: Pimco bought at one price and then reported value at a higher number, pumping up the fund’s performance. So they knew what they paid but didn’t report that to the market; instead, they reported “value,” which is different. Were investors misled?
“Apple’s Latest Marketing Pitch: More Privacy,” Wall Street Journal, September 24, 2014 B1. Fresh on from the celebrity nude video breach of iCloud, Apple says one thing but appears to do another. “‘We don’t ‘monetize’ [your] information….'” But then iAd sells the ability to reach target demographics based on user data. Where’s the SEC when you need them? What information do you have, how do you use it, and how do you tell the market about it? And whose data is it?
“Websites Wary of Facebook Tracking,” Wall Street Journal, September 24, 2104 B1. Does Facebook really monetize your browsing information by allowing advertisers to target you? Whose information is it, anyway? [Read the user license] But online retailers are nervous about Facebook’s practices, but for a different reason. They view information about your visits to their sites as their information. So, what information do you have and how do you use it to make money?
“Data Breach Triggers Fraud,” Wall Street Journal, September 24, 2014 C2. Story follows fraudulent uses of credit cards following Home Depot breach. Is this news, or res ipsa loquitur (a legal term for “the thing speaks for itself; used to establish negligence)? Dog bites man? Or just a bad headline? From an information governance perspective, what happens if your controls fail? People using your information that you used with a retailer. To make money.
Filed under Board, Business Case, Collect, Controls, Duty of Care, Governance, Inform market, Information, Internal controls, Investor relations, Management, Oversight, Ownership, Privacy, Protect, Protect information assets, Risk, Security, Use, Value
First, “Phone Protections Alarm Law Enforcement,” Wall Street Journal, September 23, 2014 A4. New Apple (and soon to be Google) technology to place photos, videos, and contacts of a locked iPhone outside the easy reach of law enforcement, even with warrants. Just don’t backup on iCloud. Take that, NSA. And others. Law enforcement will need to get the passwords from the users.
Second, and for me foremost, “Use of Voice Is Key To Managing Teams,” Wall Street Journal, September 23, 2014 B1. For those who recognize the value of the brand of voice for internal corporate communications, three newish technologies: Talko, Slack, and Tango. If Ray Ozzie supports it, I’m interested. Talko bridges the gap from groupchat to voice + video. These have promise and are technologies to watch.
How will information governance policies and practices have to change to adapt? How will ediscovery handle the unavailability of information on an iPhone, other than by forcing the disclosure of passwords and the like?
This isn’t so much about information as it is about governance.
“Regulators, Accounting Firms Spar Over Rule,” Wall Street Journal, September 22, 2014 C1. At issue is having the name of the engagement partner of a company’s accounting firm sign off on each public company audit. And their name will be disclosed to investors. The fight is over whether the disclosure is in a 10-K, and thus reasonably accessible to investors, or on a Form 2, which is harder to get.
A major failing of many information governance initiatives is the failure to designate one C-suite resident as the owner of the information governance program, with responsibility for what gets done and what doesn’t. See also the Federal Sentencing Guidelines Manual. A contributing cause to the failure of many information governance programs is the absence of a procedure by which the managers of each group of employees sign off at least annually on the compliance by those who report to the managers.
If your boss has to sign off that you’re in compliance, will he or she do more to find out how you’re doing? Will you? What will happen to the culture, both in your group and in your company?
Filed under Board, Compliance, Compliance, Compliance, Controls, Culture, Culture, Governance, Internal controls, Management, Oversight, Protect
Sports is a target-rich environment for information-related pieces. Here’s one on information-in-use.
“Baseball Experiments With Brain Science,” Wall Street Journal, September 20-21, 2014 A16. Use of neurologic training systems designed to improve a batter’s ability to hit the ball. Interesting graphic on what’s going through a batter’s mind in the 400 milliseconds between the pitch and the ball arriving at home plate.
Information governance has three main areas: compliance, protection, and use. This is “use.”
“Home Depot Breach Tops Target’s,” Wall Street Journal, September 19, 2014 B1. A custom-made virus allowed hackers to steal data from 56 million credit cards over 5 months before it was detected and, hopefully, removed. Cost for investigation, credit monitoring, call center, and the like: $62 million, or a bit more than $1.10 per breached card. Cost of lawsuits: priceless.
Insurance covered $27 million of initial costs.
How good are your protections against hackers? How good is your cyberrisk insurance? How much information do you have that belongs to others? How well do you protect it?
Filed under Board, Business Case, Collect, Controls, Governance, Information, Interconnections, Internal controls, IT, Management, Ownership, Protect, Protect assets, Protect information assets, Risk, Security, Third parties, Value