Last week, at the Electronic Signature Records Association (ESRA), I delivered a keynote address that surprised me. For awhile, I have been advocating that risk management is dead as a business discipline. Why? Because RM is only funded out of the net profits of an organization. When companies seek the monies to meet budget requests for managing risk, their only sources of funds are the monies left over after all the other expenses of producing their goods and services have been spent. RM spending, as such, does not do anything that increases the value of the goods or services of a company to its customer base. But it has always been challenging to make that point clearly, and to illuminate … Read More
Last week, Harvard University’s Berkman Center for Internet and Society convened a conversation between Professor Jonathan Zittrain and Microsoft General Counsel Brad Smith to discuss “Privacy, Surveillance, and Rebuilding Trust in Tech”. I could not be more pleased with the observations offered in their dialogue. According to two media articles tracking the event, Smith reported a “double-digit percentage drop in trust.” Forrester Research reported in March, 2014 that the NSA-Snowden disclosures likely cost the cloud computing industry up to $180 billion in losses. Those are enormous in their expressions of the impact of a lack of digital trust and effective governance.
But here is the quote from Brad Smith that is the most important: “You cannot restore trust without greater … Read More
In my class at the University of Oxford, one of the key take-aways was that information governance is not about e-discovery; it is all about creating and managing information that is an authentic record of facts. It is just that simple. When companies retain information, the information is being retained because of its value as objective, authentic recordations of some event, a specific transaction, the occurrence (or non-occurrence) of a defined process, the existence and content of a communication, the account balance at a moment in time.
Each of these are merely illustrative snowflakes in the blizzard of information we are endeavoring to manage. But there is no value to business, government, education, or to any of us as users … Read More
An editorial essay this morning in The Washington Post gave attention to a case argued last week before the United States Supreme Court, Jones v. United States. As Jonathan Turley, a law professor at George Washington University, reviewed the case here, the issue under review is one of privacy under the U.S. Constitution. Prof. Turley’s analysis followed an earlier Washington Post essay by David Cole, a Georgetown law professor, concluding that the U.S. government’s actions under review confirmed “Big Brother has arrived, and we have invited him in.”
Both professors are scholars I respect. They have accurately reported the issues presented as ones arising under the U.S. Constitution and its limits on the power of the state to … Read More
The White House, the Open Identity Exchange (and its member companies, including PayPal, Symantec, Verizon, Google, and AT&T) and others advocate that each Internet user acquire an online ID, a mechanism for establishing one’s identity to Internet-based systems, websites, and services. The ID would also record and share attribute data about an individual (age, address, birthdate, etc.) in order to accelerate the information collection and validation process that so often confronts each of us in establishing a relationship with a new asset.
In nearly every scenario, the ID would include a hardware component, on which additional identifier data could be embedded and communicated as part of each session without any user activity required. Existing userid/password methods of authentication would be … Read More
In launching the Ritter Academy, I, along with the entire team, are doing something we believe to be unique—creating visual-based knowledge assets and training tools that empower professionals to access, acquire and retain complex information about the rules with which we are to manage digital information. At other education levels, particularly K-12, extensive innovation is occurring in using visual maps to teach. There are a few examples of maps entering college classrooms, and the number is increasing. But we were not aware, as we launched the Academy, of any other initiatives like ours. You wonder each day if the work in which we have invested over five years of development is truly going to make a difference. I know, … Read More
Every business model of the 20th century is built around managing risk. But no one ever decides to do business because they decide there is no risk– they make a buying decision, or select a business partner, because they affirmatively decide to trust someone. Trust is the essential driver of all purchase decisions. However, it is very rare that you hear a business build its management model around driving and expanding trust. Instead, investment in new technology and new business processes are justified based on the need to reduce or control risk. The time has come to abandon this model – in a global competitive market, where the Internet enables any customer to “route around failure" and select an alternative … Read More