Archives For Privacy

data-for-policy-2016-logo

Preface: I did not write a formal posting on the Data for Policy confab this past September, but wanted to at least share the materials that I presented and discussed during the conference.

Abstract: The notion of Data-driven Policy making and its associated Governance, is often challenged by the fact that the vast majority of Politicians, Civil Servants, Champions of Industry & Non-Profit Leaders are basically illiterate in the domains of data, analytics & decision science. Most of these leaders have come up through their careers making decisions based on gut instinct (experience), group think (consensus) or by using a modicum of summary data & visual analysis, but few have either a base in decision science or statistics, much less have bootstrapped themselves along their careers to become Data & Analytics Literate.

Educators today are faced with the daunting task of preparing future generations of Leaders who must have deep competencies & acumen in all aspects of data, analysis & decision science. Many have chosen to focus on the dubious discipline of so-called Data Science. These endeavors are for the most part a cynical attempt by educators to latch onto the latest fad and to create degree programs based upon cobbling together a hodge podge of disciplines which is sold to unsuspecting students as either an Undergraduate or Post Graduate degree opportunity. All fail at their mission and leave graduates, much less future leaders, with a degree that is sorely lacking in the core skills and competencies required to succeed with.

In my presentation at the Conference I endeavored to trace the roots of how we got into such a mess, what needs to be done to prepare individuals to become Data-driven Leaders and how Educators must re-think their approach to creating/adjust curriculum and programs to put all students on a path to Data & Analytics competency and mastery no matter their chosen field of endeavor. I focused specifically on the notion of Top-down Data Leadership that I coined several years ago and use to drive convergence on the key issues and competencies required by all Leaders, Managers & Employees to be use data, analytics & decision science pervasively across their Organizations.

Handouts & Videos:

data-for-policy-2016-handouts-copy

U-tube Interview: http://bit.ly/2iK4DPZ

 

Definition:

Psychological Projection: A theory in psychology in which humans defend themselves against their own unconscious impulses or qualities (both positive and negative) by denying their existence in themselves while attributing them to others.

Body: 

The Mayhem Government aka Theresa May’s Post-Brexit cabal has already left a lasting mark on the UK and its role in the Global economy during its short time in power. It is clear to me (and no doubt others) that in spite of the circumstances of her appointment, Theresa May absolutely believes that she has a mandate to change the UK forever and not just exit the European Union.  So far, her vision for the UK is decidedly one where the residents of England, Scotland & Wales will become much more homogenous, monitored 24×7 by the State and live in a world where the economic wealth and well-being of the country will be severely diminished for generations to come, all in the name of the rigid ideology known as “British Nationalism”. This vision for a Little Britain, along with the implications of using Big Data for mass surveillance, behavior control & the dissemination of government propaganda is what I will focus on for this month’s column.

EU Flag and UK Flag Piggybanks Exchange Rate Concept 3D Illustration

The rise of Nationalistic fever around the globe has been fueled by both rigid ideologies and the use of data (Big and Small) to gain insights on the public, as well as to control any opposition. Much of this has been conducted under the auspices of being for “public good” or in the name of “national security”, with all efforts specifically intended to concentrate more power, insights & control into the hands of Governments’ who are a lot less Democratic and a much more Authoritarian (much less paranoid) than they were just a couple of decades ago (Pre-9/11 & 7/7).

Many of us have foreseen these issues and spoken up, but the media and press have been co-opted by these same Governments to act as their Pit Bulls in stifling any opposition as well as reporting the truth. This toxic mix of rigid ideologies, concentration of power, the limitation of human rights and the muting of dissent has reduced the principles of Democracy to more of a notion, if not a source of ridicule by those now in power (or desirous of attaining it).  Examples of these endeavors in recent months in the UK (both pre & post the Brexit “Leave” vote) include;

  • The IP Bill (Snoopers Charter)
  • The Digital Economy Bill
  • The Department for Education – National Pupil Database
  • Home Office “Foreign Employees” Database

All of these “tools of control and surveillance” leverage the same Big Data capabilities that have be touted by so many as “virtuous and beneficial to society”, but in ways that few were openly willing to discuss publicly. However, there have been some recent discussions in the UK and US on managing the vision & scope of Artificial Intelligence for the public good as well as getting ahead of the tide of Discrimination that Big Data driven insights into Citizens behaviors has brought. In all cases these efforts were designed to distract attention away from the Government’s own behavior in respect to these and other emerging applications of Big Data and Advanced Analytics. In essence, the fears about the nefarious use of Big Data to harm or control the public are a form of psychological projection in respect to the Government shifting its own blame onto others, while standing in judgement against the Public and NFP sectors. It all would seem so laughable if it were not so serious.

The movement away from Democratic Government to one based on rigid Ideologies, along with the exploitation of Big Data & Advanced Analytics by these same Government’s has become a “clear and present danger” to all Citizens under their control. The accumulation of knowledge about each Citizens’ behavior & activities by the State is a bell that cannot be un-rung.  Massive databases, predictive analytics, machine learning, etc. are all tools of the Big Data paradigm and can be used as a force for good in the right hands or as an unbounded force for evil in the wrong ones. To imagine the scope of this potential evil one only needs to look back a short time in history to see how such information, albeit at a much more primitive level of sophistication, was used to discriminate, enslave and control entire populations across the world. The efficiencies brought by Big Data to this type of behavior control are limitless and should be feared by all that cherish the beliefs of ‘Liberty, Equality, Fraternity’. 

PostScript:  With the election of Donald Trump as the 45th President of the United States, I expect that all controls (albeit weak) previously in place to protect against the abuse of US Citizens by either Government or Industry in respect to Big Data, Privacy, Discrimination, etc. will all be thrown out the window immediately after the inauguration and that an “Enemies List” will soon be made known in terms of those that Trump and his disciples will go after. This List will range from Political figures to Ordinary Citizens all of whom having slighted Trump somehow in his authoritarian/fascist view of the world around him. These activities will make those of the Mayhem Government look amateurish in comparison.

* An edited version of this posting appears in the November 2016 issue of Information Age (UK) (www.information-age.com)


 

 

PostScript:

On November 29, 2016 the UK’s Investigatory Powers Bill passed into law by Royal Assent. Many in recent days have tried via an online petition to re-open debate on this bill as a desperate last attempt to stop its progress. I ask those who signed this petition, much less all the celebs in the Tech industry as to where their voices were over the past two+ years as this bill made its way through Parliament and the House of Lords? Once again, a passiveness has been exhibited by the Press, the Electorate and all sorts of Activists as new draconian measures are put into place in the UK Surveillance State. I suggest that this will be the case again as the so-called “Digital Economy Bill” reaches its finalization in the coming weeks. It will soon be time to “reap the whirlwind” that these infringements of Human Rights will bring.

Prelude:

The notion of Personal Privacy aka “The Right to be left alone” dates back centuries in Law and its practice is enshrined in the foundations of all Democracies and Human Rights proclamations. These protections were created well before the invention of digital computing, databases, etc. and yet have been essentially undone in short order since their arrival.

Body:

In the very near future, the UK will most likely have passed into law one of the most far reaching efforts ever by any Democracy to spy (and snoop) on each of its citizens, residents & visitors at home, much less abroad; all in the name of Security. Mundanely referred to as the Investigatory Powers Bill (IP Bill) it is widely derided as “The Snooper’s Charter” (and rightfully so). It is a law with literally no purpose other than to legitimize the illegal spying that the UK Government has been engaged in for decades via its Security, Services, while increasing the scope of their activities beyond reason. Promised as necessary (and proportional) to providing Security to the country, it in essence guts everyone’s right to Privacy as far as the State is concerned. Of course, this flies in the face of established Privacy Laws that the Public, Private & Non-Profit sectors are currently held to account for, much less the EU Human Rights Charter, which Brexit will soon undermine, if not eliminate altogether.

Why is the Electorate in the UK being cowed into accepting the false equivalency that; “If you trade away your Privacy to us (the State) we will provide you with Security (and protection)”. It does seem that the average citizen cares little about their personal Privacy today as long as they are safe in their beds away from the clutches of the latest bogy man that the State can conger up. Add to this, the parallel effect observed by users of social media or online shopping where they accept the bargain of; “As long as you offer me some sort of instant gratification, I don’t care about my Privacy one iota (no matter how creepy you act with my data)”. How did the Human Right to Privacy become so easily traded away by almost the entire population? The root cause of this effect can be found in data that is all around us and you don’t’ need to be a so-called Data Scientist to figure it out.

We now live in a world that is awash in data. We create it as individuals during ever moment of our lives and consume even more of it from various sources and services that we seek out. There is so much data about us that is collected, processed, sold and exploited that we have become oblivious to the entire process. It is as if there were an invisible anesthetic in the air that numbs our senses to the fact that something a very wrong with all of this. Privacy is a right, that until recently has been fiercely protected and a line that few Governments’ have been willing to cross in respect to monitoring their citizen’s (at least publicly). Now, it is only an afterthought that arises when some egregious act or data breach is exposed by the press or on social media and everyone sounds off about how violated they feel (all the while creating more new data to be exploited by others). We now have a Perfect Storm of events where Privacy as a right (or in the US as a Civil Liberty) is lost in the conversation, while everyone focuses myopically on National Security or the pursuit of the latest game (Pokemon Go comes to mind) or app (Facebook is a constant in being the worst offender). The Individuals’ right to Privacy has become an insignificant consideration, much less an afterthought.

As the UK plans its exit from the EU, the notion of Privacy will be further eroded as the State will focus all its attention on Sources of Commerce & Trade, Border Security & Immigration. These negotiations will be another opportunity for Privacy Rights to be further traded away in return for hollow promises of gold or enhanced security. In the end it should be clear to all members of the Electorate that not only did the UK sleepwalk its way out of the EU, but it sacrificed the notion of personal privacy along the journey. There will be no way to put this Jeanie back in the bottle once this happens regardless of which party is leading Government.

This article in an edited version first appeared in the September 2016 issue of Information Age (www.information-age.com).

Preface:

privacy |ˈprīvəsē| noun “the state or condition of being free from public attention, being observed or disturbed by other people”:

Authors Note:

Members of the Judiciary in the US are now stating without equivocation that “Privacy is only for those with something to hide”. I would doubt that anyone outside their circle of influence agrees with them.

Body:

Privacy is a basic Human Right in the EU and many other geographies and a long established Civil Liberty in the US.  These protections have been in place for many decades and yet never in its history has the notion of Privacy been under a non-stop attack from two opposing and powerful forces simultaneously; that of numerous Internet-based Commercial entities (including illegal ones via Data Breaches) and various Governments’ around the world (for national security and often immoral purposes). All believe with strong conviction that they have legitimate needs (and alleged legal rights) to freely access and use Individuals most personal data (PII) for the purposes of either Commerce or National Security. No matter where you stand on these arguments there is much to be said & argued and it has become “a pundits dream” in terms of opportunities to proffer and pontificate on the subject. All seem to be making to argument to extend their already egregious activities even further. This has created deep polarization by all parties involved with no resolution in sight.

Given all this, the central question in my mind is “Can all of these interests co-exist in some level of balance that is beneficial to all, but benign in respect to sacrificing any Privacy rights and protections that exist today, much less in the future?” I see it as one of the central challenges of our time and worthy of at least one of my columns in 2015.

The success or failure of our ability to reach a consensus on Privacy will be the great enabler (or disabler) of everyone’s dream for what the Internet, Device Applications, the Internet of Things, etc. can provide today and in the future. Without this understanding all may be lost in my opinion. In this regard I may be alone in my thinking, but only time will tell.

How do we achieve this co-existence? No matter the approach taken, building and maintaining Trust amongst all stakeholders is paramount. Today, there is precious little of this due to recent behavior by both Commerce and Governments. Most polls taken today verify this directly and expose the dilemma that Consumers find themselves in (http://www.pewresearch.org/topics/privacy-and-safety/) when trying to embrace new capabilities that technology can provide and to support their Government’s efforts to keep them safe, while maintaining control over something very critical & essential to their wellbeing i.e. Personal Privacy.

For some time now I have espoused the idea of creating a “Universal Privacy Doctrine”. I see it as an understanding about Privacy that would transcend all Governments, Geographies, Languages and Cultures, a sort of passport if you like which would guarantee everyone a set of basic protections for their Personal Privacy. Many have scoffed at this idea, but given the patchwork of laws, policies, etc. that exist on the matter, much less the global reach of the Internet and Government Surveillance it seems to be the only practical way to define a baseline of minimal protections, which can then be built upon. It ultimately solves the dilemma that if Governments’ are responsible for protecting their Citizens Privacy from others, yet can’t be trusted to do so themselves then where do you go for protection? In terms of practicalities it would take a body such as the United Nations to underwrite such a doctrine, to create the mandate and ultimately to marshal the resources required to enforce it. I would see it as “Privacy Peacekeeping” in its most basic form.

We live in a time where Commerce and Government want free and unfettered access to our most Private data and yet offer nothing in return to the Citizen/Consumer. This pendulum has swung far too much away from the status quo of many decades in respect to established Privacy Protections.  We must find a way to re-balance the scales in favor of the Consumer while supporting these other vested interests in Privacy-protected data.

*-This posting originally appeared as an article in Information Age (UK) in February 2015

For More Information:

You can read my Privacy Corner Series on IBM’s Big Data Hub: http://www.ibmbigdatahub.com/blog/author/richard-lee

In particular please check out my article & podcast:

“A matter of Trust” http://www.ibmbigdatahub.com/blog/privacy-corner-april-2014-role-trust-it-applies-privacy

Authors Note:

I have written this posting for the CEO and his/her Board of Directors/Advisors and not for IT/Technical management as they are only responsible for executing the Policies & Plans that their Executive Team has set forth.

Preface:

According to the UK’s ICO >90% of all reported data breaches are caused by Human Error and not by Cyber Criminals or Hackers. In spite of this, the singular focus is now on Cyber Security as the means to prevent data breaches.

Data Leadership must come from the top (CEO and Board) and cascade down to the entire Organization in order to be pervasive & effective.

Body:

The worst nightmare that every CEO & his/her Board face today is not an unchecked competitive threat or insufficient market capitalization, but that of the Data Breach. Virtually every Fortune 5000 Company, Government entity and NGO has had at least one major data breach during this decade, with many having multiple “badges of shame” to their credit. Each breach, whether malicious or accidental, brings all sorts of recriminations & bad press to the Organization and its Leadership. Mea culpas and low-level IT managers falling on their swords has become commonplace and is now meaningless for the most part as the root cause of the issue continues to not be addressed; that of  “The Lack of Executive Data Leadership (pre & post-breach)”.

Data, especially those classes which contain “personally identifiable information” (PII) is one of the most valuable assets that every Organization collects, stewards, exploits and protects. Without it there would be no Organization in virtually all cases and yet treating “data as an asset” is typically (if not always) entirely off the radar of the Chief Executive, the Board and the Senior Executive Team (SET). Their only concern seems to be mitigating the “risk” associated with this asset class in respect to Compliance with applicable laws, statutes and regulations. The protection of data is always left to the CIO and/or CISO who reside multiple levels down in the Organizational Hierarchy. This must end now or Consumer Trust will be lost forever in fairly short order.

Data Leadership must come from the top (CEO and Board) and cascade down to the entire Organization in order to be pervasive & effective. It defines the Strategy for managing & exploiting data over its entire lifecycle (creation, harvesting & retirement). A critical component of this management lifecycle is protecting data from unauthorized access or inadvertent disclosure. If Executives could envision data being just as tangible as cash, bonds or even trade secrets then perhaps they would be more imaginative in its protection. Every Organization, in spite of its best efforts has a very porous network of interconnections spanning their entire Enterprise. Each of these connection points is potentially a source for a breach, especially now with the influence of the BYOD movement. Once breached, these networks cannot typically detect any nefarious or negligent activity for the most part, much less PII and other Critical Data flowing outwards. It is a Perfect Storm of risk factors and yet if Top Down Data Leadership were in place appropriate resources, sensitivities, monitoring, rewards & punishments, etc. would be in place to detect, mitigate and ultimately prevent these data breach risks altogether as everyone would know that it is the #1 Priority for the entire Organization. It would be “baked into the Culture of the Organization” much less part of the behavioral ethos within it. This use of Leadership & an Engaged Culture to steward and protect critical data is much more practical than any type of Ring Fence that many are currently advocating. “Awareness and Vigilance” becomes the mission for everyone to embrace and embark on each day across the entire Organization. In most cases today data breaches go undetected for up to a year before discovered. By then the damage has been done. This would not be the case in any Organization who is so committed to the core in respect to its data.

Coping with the threat (and aftermath) of Data Breaches requires Top-Down Executive Leadership and an Engaged Culture focused on nurturing & protecting data as an asset. Investing in more Security Tools, Cyber Insurance and endless Consulting engagements will not surmount the challenge of the data breach. Embracing all of the tenants of Data Leadership is the only solution to this long-term challenge. Remember, 2015 is “The Year of Data Leadership” and thwarting data breaches is a good place to start your journey.

*An edited version of this posting appeared as an article in the April 2015 issue of Information Age (UK)

Data Privacy Day 2015

January 26, 2015 — 2 Comments

I have written two articles for this year’s Data Privacy Day (#DPD15) endeavors . One will be published in the February issue of Information Age (www.information-age.com) and is online now (see link below) & the other is on the IBM Big Data Hub (www.ibmbigdatahub.com) going live on January 28th as a feature on DPD. I encourage all of you to visit these sites;

Information Age: “Personal Privacy, Internet Commerce and National Security: Can they co-exist?” (http://bit.ly/1JsRU6P)

IBM Big Data Hub: “Some Thoughts for Privacy Day 2015” (http://ibm.co/1z6RvUY)

2015 is going to be a critical year in determining the future of Personal Privacy in all respects e.g. Protecting Students Privacy, Reigning in Data Brokers, Thwarting Cyber Attacks, Curtailing Government Surveillance and Snooping, a Refresh of the EU Data Protection Act, President Obama’s “Privacy Bill of Rights”, etc. I believe that it is essential that everyone take an agressive role in managing and protecting their Privacy, along with that of their family members. 

Remember that Privacy is a basic Human Right in many parts of the world and a Civil Liberty in the US. It can only be maintained, much less reinforced if you take an active role in not only protecting your own, but those around you, especially your children.

(Image courtesy of the Online Trust Alliance)

October & November will be frantic months of activities with a strong focus on Conferences. Check back often for updates and additions. In most cases I will be Tweeting and Blogging live from each conference;

Conferences:

Association of Change Management Professionals (ACMP): “2014 Change Connect Symposium” – October 1-2 – Microsoft Campus Commons (http://www.acmppnwnetwork.org/?page_id=326)

Digital Analytics Association (DAA): “Monster Analytics Mashup” – October 16th – Microsoft Conference Center (http://www.digitalanalyticsassociation.org/calendar_day.asp?date=10/16/2014&event=260#.VCWfF8LF-yM)

Information Age (UK): “Data Leadership 2014” – October 30th – The Grange Tower Bridge Hotel (London) (http://www.dataleadership.co.uk) :

Keynote: “Embracing The Data Leadership Nexus for Strategic Success”

UK Open Data Initiative: “ODI Summit 2014” – November 2-4 – British Film Institute (London) (http://summit.theodi.org/)

Articles:

IBM Big Data Hub: “The Privacy Corner”. “Discrimination and Other Abuses drive the Need for Ethics in Big Data” (http://ibm.co/1sKmkx0)

Information Age (UK): “Transforming into a Predictive Enterprise” (http://www.information-age.com/technology/information-management/123458506/holy-grail-big-data-becoming-predictive-enterprise)

Information Age (UK): “The State of Open Data” (November 15th (URL to be posted at time of publishing)

IBM Big Data Hub: “The Privacy Corner”. “Have we already lost the Privacy battle?” (November – Date TBD)

The Data Leadership Nexus (Blog):

“Reflections on Data Leadership 2014” (November 4th)

“How to Successfully Execute your Transformational Plan for becoming a Predictive Enterprise” (November 15th)

“The Data Leadership Nexus: (Recap)” (Updates throughout the month) (https://infomgmtexec.me/2014/09/16/recap-the-data-leadership-nexus/)