Me, speaking and teaching in 2015

alec guiness as Obiwan kenobi

Elderly data jedi imparts cryptic wisdom (film at 11)

So, a bunch of people have asked me to speak at events this year. And this is ON TOP of events and training I’m doing with my company (Castlebridge Associates).

Due to client commitments I’m unable to make it to my usual Californian summer conference DGIQ this year, but my colleague Katherine will be presenting there in June.

Not a bad diary! Now, to fit the big client engagements in around that…

Irish Water channelling Alec Guinness


Irish Water is working hard on Twitter and in other forums to convince itself, if not us, that all is well with regard to their Data Protection policies and procedures.

In response to questions raised about the retention of data, specifically PPSN data once allowance entitlements are validated and personal data of non-customers, Irish Water have trotted out the standard 140 character line. Their response is essentially a variation on the following:

Data will be stored in Irish Water, after a customer ceases to be a customer but not longer than is required by law.

It is that response that has prompted my choice of image for this post. Those of you over the age of 12 will recognise Alec Guinness in one of his most famous mortgage paying roles, Obi Wan Kenobi in the original Star Wars. And why does my brain make this connection?

These aren’t the droids you’re looking for. You can go about your business. Move along” (waves hand enigmatically)

Unfortunately for Irish Water many of us are not as feeble minded as an Imperial Storm Trooper in a fictional universe. These Jedi Mind Tricks don’t work. We have a detailed specification for the specific droids we are seeking and we are pretty sure those are they.

  1. What is the specific purpose for the processing and retention of non-customer data by Irish Water? (i.e. why are they processing data about people who are not connected to a public water supply?)
  2. What is the retention period for that data? Why is it being retained? What is the basis for the retention period that has been selected that makes that retention proportionate? Which law are they operating within for their retention period?
  3. What is the retention period that Irish Water are applying to PPSN data provided to them? Why is that data being retained (for what purpose) given that the sole purpose Irish Water has for processing PPSN data is the validation of entitlements, suggesting that once that purpose has been completed the data should be deleted.

These are simple questions. They should be easy to answer if appropriate efforts were made to conduct Privacy by Design based compliance with the Data Protection Acts.

Once this grumpy old Storm Trooper gets a coherent and credible answer I’ll gladly move along.

Insolvency Register–some quick thoughts

So, David Hall is challenging the provisions of the Personal Insolvency Act regarding the publication of details on public registers. I’m quoted in this Irish Times article about it. My comments, which I expand on here as an update to my earlier post, where to the effect that:

  • The publication of detailed personal data on a publicly accessible register would invite the risk of identity theft in the absence of any appropriate controls over the access to that data.

Examples of public registers where controls are in place are the Electoral Register (search one name and address at a time), and the Companies Registration Office (find out the home addresses of Directors if you pay a small admin fee), or the list of Revenue Tax defaulters (publication only over a threshold, summary personal data published).

Public does not mean Open. Public means that it should be able to be accessed, subject to appropriate controls. The requirement to name people who are in an insolvency arrangement needs to be balanced against their right to personal data privacy and the risk of identity theft or fraud through the use of published personal data.

The mockup Register entries presented on the ISI website may do the organisation a disservice with the level of data they suggest would be included and I await the publication of further revisions and the implementation of a control mechanism to introduce balance between the requirement to publish a Register and the need to protect personal data privacy. But of course, Section 133 of the Personal Insolvency Act is silent as to what the actual content of the published Registers should be (at least as far as I can see). So there is scope for some haggling over the content of what the final Registers will be.

A key question to be considered here is what is the purpose of the Registers and what is the minimum data that would be adequate and relevant to be provided on a Register to meet that purpose.

Section 133(4) allows for the public to “inspect a Register at all reasonable times" and to take extracts or copies of entries, and even allows for a small fee to be charged (the “reasonable cost of making a copy”). So there is scope for some form of access control to be put in place either with a search mechanism like the electoral register and/or the operation of a paywall for the making of copies (e.g. generating a pdf report on headed paper, at €1 a go).

  • Section 186 of the Personal Insolvency Act needs to be interpreted and applied with care.

Section 186 of the Personal Insolvency Act purports to suspend the operation of Section 4 of the Data Protection Acts in certain circumstances. This is the section which allows a Data Subject to request a copy of their personal data. This is a basic right under the Acts.

However the Data Protection Acts already contain provisions which allow for the suspension of Section 4 in Section 5 of the Data Protection Acts. Specifically Section 5(1)(d) allows for an exclusion for data which is being processed in the performance of a statutory function intended

…to protect members of the public against financial loss occasioned by

i) dishonesty, incompetence, or malpractice on the part of persons concerned in the provision of banking, insurance, investment or other financial services or in the management of companies or similar organisations

ii) the conduct of persons who have at any time been adjudicated bankrupt

in any case where the application of that section would be likely to prejudice the proper performance of any of those functions.

The operation of the Insolvency Service of Ireland would appear to fall under this section. But rather than a blanket exclusion, Section 5 has a more nuanced approach – you can’t have your data if it will prejudice the proper performance of the ISI’s role. Of course, 5(1)(d) only kicks in if there has been dishonesty, incompetence, or malpractice on the part of a bank that has resulted in a financial loss or risk of financial loss to the Data Subject.

Section 5 gives a number of other grounds for exclusion from the operation of Section 4. Among them are:

  • If disclosing the data is contrary to the interests of protection the international relations of the State (which would raise an eyebrow I’m sure if cited in an insolvency situation).
  • If legal privilege attaches to the records in the case of communications between clients and legal advisers.

If the restriction is on disclosure of personal data during the course of an investigation then this would likely be covered under Section 5(1)(a ) and there is legislative precedent in the Property Services (Regulation) Act 2011 to extend that to an investigation undertaken by the PRA under that Act.

An explanation and clarification?

The ISI has similar powers of investigation and prosecution of offences (section 180 and Chapter 5 of the Personal Insolvency Act 2012). Therefore the exemption from disclosure under Section 5(1)(a ) would apply. A “belt and braces” inclusion of an exemption from section 4 of the DPA for the investigation of offences would be consistent with the Acts.

However this would only be the case for the investigation of an offence. The processing of a general complaint would not fall within the scope of an offence under the Insolvency Act or other legislation.

Therefore a blanket opt out would not exist. If an offence is suspected Section 186 reinforces the existing provisions of the Data Protection Acts. But general complaints to the Complaints committee would (based on my reading) not, unless the complaint wound up in an offence being detected. Of course a Data Subject would only be entitled to their own data.

A recent case involving the DPC and Dublin Bus made it clear that the potential for civil proceedings or a complaint were not grounds to refuse a Subject Access Request.

  • Excessive Retention of Data on Public Registers is a concern.

This, of course, is another biggie from a Data Protection point of view.How long does this data need to be held for? In the UK similar schemes have the personal data removed from the public register 3 months after the debtor exits the scheme. Here…

Section 170 of the Personal Insolvency Act indicates that Personal Insolvency Practitioners will need to retain data for 6 years after the “completion of the activity to which the record relates”. This is consistent with the statute of limitations on a debt and makes sense – it would allow people who avail of an Arrangement to get access to information about their arrangement if required. However it is not the same as the Public Registers.

Section 133 sets out the provisions relating to the Registers of Insolvency Arrangements. It says nothing about the length of time a person’s data will be listed on a Register. Given the purpose is to maintain a searchable register of people who are in Insolvency Arrangements, the principle of not retaining data for longer than it is required for a stated purpose kicks in.

And, as is all to often the case in Irish legislation, we seem to be left looking to the UK for a benchmark period for retention: Duration of Arrangement plus 3 months… but that may be 3 months longer than required.

  • Personal Solvency Practitioners acting as Data Processors, and the implications for security and awareness of obligations under the Data Protection Acts

This is a squeaky wheel issue in many respects. All too often organsiations will outsource functions or engage people to perform functions on their behalf on contract, which would set out the purposes of the processing and the role of the Processor and sanctions for breaching their obligations. The Personal Insolvency Act sets out how Personal Insolvency Practitioners will be appointed, empowers the ISI to set standards re: their level of education and skill, and imposes sanctions for breaches of the standards of conduct of the role.

The function of a PIP is one which could have been undertaken internally within the ISI but it has been decided to outsource it to these PIPs.

Therefore a PIP is likely to be viewed as a Data Processor acting on behalf of the Data Controller (ISI) [for more on this read here]. Therefore they need to be taking (at a minimum) appropriate security measures to prevent unauthorised access to data. The concern I expressed in the article was that it is an unknown quantity what level of understanding of their obligations under the Data Protection Acts a PIP will have and what training (if any) will be provided.

Section 161(c) of the Personal Insolvency Act 2012 provides a mechanism for this to be addressed through the prescribing of the completion of appropriate training from a qualified trainer with a proficiency in Data Protection as one of the training requirements for authorisation as a PIP.

[Disclosure: my company provides an extensive range of Data Protection compliance review and training services]

Wrong thinking about Devices

I’m addicted to the think. Every day, when not thoroughly occupied with the challenges of a client strategy or issue, I find myself drawn to hard thinking. Sometimes I even get people plying me with think.

Like this past few weeks. Lots of think.

One thing I’ve been asked to think about is the whole area of Bring Your Own Device, colloquially known as “BYOD”. I understand that this emerged as a term because people hoped that enterprise technology management would be a lot like a college house party. You’d bring a bottle and go home with two bottles of something better than you went with. Which in tech terms might be going with an Android JellyBean device and coming home with an iPhone and a Windows 8 slate.

But everyone is wrong. The focus is wrong. Because we have in effect focussed on the size, colour, shape, and label of the bottles in our BYOD/BYOB thinking. In doing so we’ve missed the importance of what is in those bottles. Which is important if you find out that you’ve arrived home from your party with two bottles of water when you had been expecting vodka.

From a process and governance perspective what we are actually dealing with is a classically simple issue that has just been obscured because:

  1. In the old days the company gave you your bottle and you where damn glad to have one (i.e. they provided the technology you used to do things)
  2. We entered the hooplah hype cycle at the time when everyone was jumping up and down like 5 year olds on Christmas morning when they find Santa has left them a bike. – “YAY!!!! TOYS!!!!!

What we are actually dealing with is a problem not of how to allow people to use their devices but rather a problem of how to give people access to resources in a secure and controlled manner when we don’t own the bottles any more. This requires organisations to do some thinking. What can be done to ensure that people are given access to resources in the right way?

Some thoughts spring to mind:

  1. Define standards for the bottle (the device) you will let people bring to the barrel to be filled with yummy data/booze. Provide data in 1 litre chunks, or require 32GB capacity and perhaps limit the OS versions you’ll allow
  2. Put a bottle in their pocket: Implement a standard workspace that sits on the device that you can control the parameters of.
  3. Sell them the bottles (i.e stick with only allowing approved company issue devices).

Of course, the world is a complicated place so when people start using their own device for work purposes it means there is a risk that the red wine you are giving them for work will be mixed with the white wine of their private personal world. That means the practice of giving them a bottle that is marked “WORK” would be sensible.

By reframing the thinking away from the fact that they are bringing a device to the party but instead looking at how access to data, applications, and other resources will be provided to n variants of platform the organisation can begin to think strategically without getting bogged down in detail.

It also gives a great branding opportunity for the strategy. This is a strategy for GIVING ACCESS TO OUR RESOURCES. Abbreviated it is a GATOR Strategy.

So, does your organisation have a GATOR strategy yet? If not, you should really get one. And make it snappy.

Lego System and the Value Delivery System

I love Lego. The fact that my Facebook avatar is a sinister looking “Liago” man from a Chinese clone of the famous Lego System is a little personal in-joke (and I’d love to see what their facial recognition makes of that). But I also love my daughter, who is bright, imaginative, and creative. And I hate to see anything that might curtail that and box her thinking into a gender-appropriate bucket that she might struggle to climb out of in years to come.

That’s why I hate the fact that ‘girls’ toys are all pink. I’ve given up to an extent on the battle against all girls’ clothes being default pink. Everyone seems to think this is the way it has always been, but no it’s not. It’s new, and it has been the other way around as well. Here’s a quote from an article in the Smithsonian Institute’s magazine:

For example, a June 1918 article from the trade publication Earnshaw’s Infants’ Department said, “The generally accepted rule is pink for the boys, and blue for the girls. The reason is that pink, being a more decided and stronger color, is more suitable for the boy, while blue, which is more delicate and dainty, is prettier for the girl.” Other sources said blue was flattering for blonds, pink for brunettes; or blue was for blue-eyed babies, pink for brown-eyed babies, according to Paoletti.

In 1927, Time magazine printed a chart showing sex-appropriate colors for girls and boys according to leading U.S. stores. In Boston, Filene’s told parents to dress boys in pink. So did Best & Co. in New York City, Halle’s in Cleveland and Marshall Field in Chicago.

But Lego is supposed to be different. It is supposed to allow children to think outside the box (literally as well as metaphorically). My fondest memories of childhood centre on a massive 30 litre white bucket that my grandmother bought at a time before my memory which was filled with every piece of Lego bought for my uncles, for me, my brothers and which did the rounds of ALL my cousins.35 year old Lego being played with without prefixed form or format, constrained only by our imaginations and the laws of physics, whether we were boys or girls (I’ll admit – mostly boys, but that just makes my next point more important as I do have some girls in my extended family).

New Lego is shit. More precisely: New Lego for Girls is shit. Sexist, insulting, degrading shit. It is so shit that I will not let it in my house. Ever. Here’s why:

Lego Friends–Silly imagination retarding lego playsets for girls.

So.. gone are the fun Lego person minifigures, replaced with anatomically approximate figurines with long hair. Who go shopping. And hang out with their friends. And have handbags and Beauty parlours and cake shops.

Jebus. There’s no need for any small girl to risk burning out a brain cell engaging in that ‘imagination’ thing. Keep your brain inside the small box that society is creating for you, accept the parameters and all will be well. Compare to the style of the ‘boys’ Lego (which is a slightly formulised version of the Lego I love)

Lego that makes you think about what might be possible….

Yes. I’m guessing the Astronaut is a boy. (I secretly suspect girl astronauts wouldn’t have sent a broken satellite into space or would have been more careful with the fragile bits when it got there).

Lego say that their product design is based on market research and studying what girls play with. This is a mistake. This basically means that their research has essentially asked questions like:

  • “How have different genders reacted to mass market indoctrination by other toy manufacturers who are creating pre-assembled play sets? ”
  • “When faced with a choice of toys in pink, pink, or pink that establish certain female gender roles, do girls choose the astronaut (who is not an option they can chose)”

Which, unsurprisingly has left them with the answer that girls like pink, want to have a beauty parlour, and the only space they are interested in is the one where they will be building their beauty parlour.

This inevitably has lead Lego to creating a range of products that women find sexist and demeaning and men find to be a heretical travesty of the concept of Lego as we know it.

What might they have done differently?

A few years ago my friend and mentor Andrew Griffiths introduced me to the concepts and principles of the Value Delivery System, as developed by Michael Lanning at McKinsey and subsequently refined by Lanning in his own consulting work. Andrew helped knock some corners off the concepts when he was in McKinsey and gave me a first-hand insight into the power of the method.

(Incidentally, the term “value proposition” in marketing comes from this Value Delivery System but is used today with a meaning that is less than that which Lanning first promoted it.)

Key to the Value Delivery System method that Lanning developed is the idea of the Key Resulting Outcome that the customer wishes to have. Once that is identified, the organisation can determine how to deliver that Key Resulting outcome using their products and services. In his book, Lanning cites the development of the Polaroid Instamatic camera as a good example of a Key Resulting Outcome triggering innovation. The inventor, Mr Land, was taking photographs at his daughter’s birthday. She apparently had a tantrum when he told her she couldn’t “see the photographs now!!”, which sparked the development of a technology that shook up photography and related industries (like pharmacies and camera shops) for nearly five decades.

I often work back from what a company is delivering through or with data to identify the Key Resulting Outcomes they are giving their customers – as a way of triggering debate about Information Strategy (a cheeky adaptation of Lanning’s method). Applying that approach to Lego’s #NewLegoforGirls I have determined that Lego believes that Parents and Children:

  1. Want imaginations constrained with pre-formed Anglo-European/Anglo-American gender roles and lifestyle expectations. Girls shouldn’t worry about being astronauts because they can own a cake shop instead.
  2. Want clear demarcation in play and interaction between children of different genders. After all, Astronauts don’t get their hair done at the salon and don’t go for cakes at the coffee shop. They’re too busy fighting aliens and fixing satellites.
  3. Want girls to identify from an early age with female body shape identity and “gender appropriate”clothing and colours (like pinks). So the “Lego Friends” figures have curves and bumps and boobs and long hair, while the traditional Lego MiniFigures have comical faces painted on, but remain blocky and androgynous apart from that (yes.. I know the minifigures have ‘wigs’ with long hair and can have bodies made with painted on dresses as much as painted on uniforms but…they’re not as ‘in your face’ about it).

Frankly, the Key Resulting Outcomes I actually want from toys for my daughter are:

  1. Stimulate imagination and creativity
  2. Promote group play and interaction, so that skills of cooperation and planning can be developed
  3. Allow her freedom to imagine herself in any role/job/scenario she may want, whether that’s cake shop owner or astronaut
  4. Provide a format and system within which the gender biases and cultural short-hand of the marketing departments of other lazy toymakers can be set aside and open explorative play and imagination can be developed.

Like in the old days. The way Lego used to be. Right now I fear Lego may be facing a “New Coke” moment. Parents (and dare I say it, grandparents who fought the feminist battles of the 1970s and 1980s) are sick of society and toy makers being lazy and putting the imaginations of children into boxes that are shaped by relatively recent colour charts (1940s) and ridiculously inane and sexist stereotypes of gender roles and possibilities.

Lego should be about possibility, not pink. That is the Value that the Lego System should be delivering.

When my daughter plays with Lego, I want her to feel free and encouraged to imagine the day she opens her Beauty Parlour/Cake Shop.

On Mars.

After she’s led the first successful manned mission there.

As an Astronaut.

Triskaidekaphobia Cars and Information Economics

So, the Irish Government has decided – based it would seem solely on the analysis and advice of the Society for the Irish Motor Industry- to introduce a revised licence plate system for Irish cars starting from January of next year.

The reasoning put forward is that fear of the number 13 will hamper car sales (superstition) and people don’t like the current system because they don’t know for certain when a car was manufactured (snobbery).


To address the snobbery element first, according to comments from SIMI quoted in the Irish Independent:

Even though 70pc of new cars are bought during the first four months of the year, some consumers believe that it doesn’t accurately reflect the real age of a new car since cars bought in January are obviously manufactured the previous year while those bought later in the year are actually made in the same year

So. 70% of all new cars are purchased in the first four months of the year. That’s a good statistic. It means that, on average, 3.75% of all new cars are sold in each of the remaining 8 months of the year. From that a reasonable guesstimate of the value at risk in each month can be worked out.

What is not a good statistic is “some consumers”. Is that one consumer, one consumer and their friend from the gym, 1000 consumers, or every consumer who buys a car in the first 4 months of the year? If is the latter it obviously doesn’t bother them that much or they wouldn’t buy until later in the year.

Surely a better and more cost effective approach would be for the SIMI to educate purchasers about the manufacture and supply chain processes that apply to vehicles. Bluntly – car manufacturers don’t build cars in the hope they will sell them. That’s too expensive. They apply logistics principles to build enough to just about meet forecast demand. And no more. So a car purchased in January will not have been sitting in a storage facility for a dozen months. It will be relatively recent.

And does the fact that it was manufactured in the previous calendar year actually matter if features, specifications, and price are the same in December 2012 versus January 2013. I know from experience that the announcement of a new model of a car affects book value, but, excluding the change of model for a moment, logistics need to be considered when we think about the idea of the year of manufacture being a real decision point for people. After all, a car manufactured in January 2013 will be using parts that were on-hand at end December 2012, that were probably ordered at the start of December 2012, and were probably being manufactured by the downstream supplier from October 2012 in anticipation of a glut of orders from car manufacturers in December/January 2012.

The new iPhone isn’t due out for a while yet, but already there are rumours of supply chains having been ramping up for months… that’s how logistics works.

And as the supply chain for vehicles is largely a pull supply chain (building to respond to demand), the easiest way to avoid having a car that was assembled in 2012 delivered to you as a new car in 2013 is to order it in Month 2 or 3 of 2013.

But even then it doesn’t matter as the actual age of components going into the car will depend on the vagaries of supply chain management down the line from the dealership to the nice man in Schenzen whose company makes the screws that hold your sun visor in place.

I can remember a few years ago looking to buy a particular model of car. The dealership didn’t have any in stock and when they (and this is the CSI moment) looked at the logistics system from the manufacturer they were able to tell me when the next one of the model I wanted would be manufactured. There was no great holding pen of stocks waiting for me to turn up and buy.

So… I would really like to see some objective evidence that people actually give a rats ass about when their car is assembled, given that the majority of new cars are purchased in a time period when it would be logical that the supply chain inputs to the delivery of that car would have taken place in the previous year. The data does not correlate.


It’s a number. Currently there are vehicles on the roads in Ireland with the number 13 in their license plate. Not in the year, but in the other element of the license plate.

Surely insurance companies can provide data on the number of claims involving vehicles registered within the past 10 years with the number 13 in their license plate against which we can determine if superstition is borne out by evidence. If it is… brilliant, we can establish an economic value case for changing an otherwise logical and straight forward system.

The National Vehicle database (where registration numbers come from) would likewise have data on how many cars currently have a 13 in their license plate. If people are already avoiding it then the data will be there… lots of 12s, lots of 14s, no 13s.

If not. Then there’s no actual reason to change other than a vague (and quantified) assertion that people won’t buy new cars because they have a 13 in the license plate.


This sounds like a simple change. But it isn’t. Many of the systems that your licence plate goes into are old and could require systems changes to accommodate the new format. Many of these are government departments. For example:

  • National Vehicle Driver File (Dept of Transport)-  reg number and registered owner
  • VRT tax systems (Revenue Commissioners)
  • Gardaí (PULSE system, asset registers for garda vehicles)
  • Insurers
  • Car park ticketing systems such as the Pay-by-SMS service in Dublin (Local Authorities)
  • Car clamping operator systems
  • CIE (they need to log busses)
  • Car Rental operators

It would be interesting to know if the Government commissioned any form of economic impact assessment to off-set the cost of catering to one industry lobby group for a problem that would exist in one year against the costs to the State and other private sector organisations of making systems changes to support the new format.

Particularly given that the changes would need to be implemented before mid December to allow for them to be in place for cars being registered in January.

The reality is that life is not like Star Trek and data is not well managed. I would doubt if there is the required metadata available to do a quick Impact Assessment on the change. At a minimum you would need to know the maximum field lengths for reg numbers in key systems. Other data required would be information on data transfers, batch processing functionality, or edit checking that might be applied to make sure that the full extent of the changes is understood and addressed to avoid any systems or process failures.

I was involved in a lot of that kind of activity in Call Centre systems for Y2K in a former life. It is not easy if things aren’t documented. And they are never documented.

My prediction: It this suggestion goes ahead without any rigorous impact assessment here will be at least one major process failure in January/February 2013 arising from this. It is an idea that, while it may have merits, risks being rushed in without proper impact assessment being performed or any examination of the costs of implementation across the public sector or other private sector users of this information.

In reality there has been a tentative Value case put forward with no corresponding assessment of the costs associated with delivering that value. And a horrendously ambitious time scale to make what is actually a deceptively complicated change.

Daisy (chain) cutters needed

Brian Honan (@brianhonan on twitter) has been keeping me (and the omniverse) updated via Twitter about the trials and tribulations of columnist Matt Honan who was the subject of a Social Engineering attack on his Amazon, Apple, Gmail, and ultimately twitter accounts which resulted in every photograph he had of his young daughter being deleted, along with a whole host of other problems.

Matt writes about his experience in today.

Apart from the salutary lesson about Cloud-based back-up services (putting your eggs in their basket leaves you at the mercy of their ability to recover your data if something goes wrong), Matt’s story also raises some key points about Information Quality and Data Governance and the need to consider Privacy as a Quality Characteristic of data.

Part of the success of the attach on Matt’s accounts hinged on the use of his Credit Card number for identity verification:

…the very four digits that Amazon considers unimportant enough to display in the clear on the web are precisely the same ones that Apple considers secure enough to perform identity verification. The disconnect exposes flaws in data management policies endemic to the entire technology industry, and points to a looming nightmare as we enter the era of cloud computing and connected devices.

So, Amazon view the last four digits as being useful to the customer (quality) so they can identify different cards on their account so they are exposed. But Apple considers that short string of data to be sufficient to validate a person’s identity.

This is a good example of what I call “Purpose Shift” in Information Use. Amazon uses the credit card for processing payments, and need to provide information to customers to help them select the right card. However, in Apple-land, the same string of data (the credit card number) is used both as a means of payment (for iTunes, iCloud etc.) and for verifying your identity when you ring Apple Customer Support.

This shift in purpose changes the sensitivity of the data and either

  • The quality of its display in Amazon (it creates a security risk for other purposes) or
  • The risk of its being relied on by Apple as an identifier (there is no guarantee it has not been swiped, cloned, stolen, or socially engineered from Amazon)

Of course, the same is true of the age old “Security Questions”, which a colleague of mine increasingly calls INsecurity questions.

  • Where were you born?
  • What was your first pet’s name?
  • Who was your favourite teacher?
  • What is your favourite book?
  • What is your favourite sport?
  • Last four digits of your contact phone number?

In the past there would have been a reasonable degree of effort required to gather this kind of information about a person. But with the advent of social media it becomes easier to develop profiles of people and gather key facts about them from their interactions on Facebook, Twitter, etc. The very facts that were “secure” because only the person or their close friends would know it (reducing the risk of unauthorised disclosure) are now widely broadcast – often to the same audience, but increasingly in a manner less like quiet whispers in confidence and more like shouting across a crowded room.

[update: Brian Honan has a great presentation where he shows how (with permission) he managed to steal someone’s identity. The same sources he went to would provide the data to answer or guess “security” questions even if you didn’t want to steal the identity.

The use of and nature of the data has changed (which Tom Redman highlights in Data Driven as being one of the Special Characteristics of Information as an Asset). Therefore the quality of that data for the purpose of being secure is not what it once may have been. Social media and social networking has enabled us to connect with friends and acquaintances and random cat photographers in new and compelling ways, but we risk people putting pieces of our identity together like Verbal Kint creating the myth of Kaiser Sose in the Usual Suspects.

Building Kaiser Soze

Big Data is the current hype cycle in data management because the volumes of data we have available to process are getting bigger, faster, more full of variety. And it is touted as being a potential panacea for all things. Add to that the fact that most of the tools are Open Source and it sounds like a silver bullet. But it is worth remembering that it is not just “the good guys” who take advantage of “Big Data”. The Bad Guys also have access to the same tools and (whether by fair means or foul) often have access to the same data. So while they might not be able to get the exact answer to your “favourite book” they might be able to place you in a statistical population that likes “1984 by George Orwell” and make a guess.

Yes, it appears that some processes may not have been followed correctly by Apple staff (according to Apple), but ‘defence in depth’ thinking applied to security checks would help provide controls and mitigation from process ‘variation’. Ultimately, during my entire time working with Call Centre staff (as an agent, Team Leader, Trainer, and ultimately as an Information Quality consultant) no staff member wanted to do a bad job… but they did want to do the quickest job (call centre metrics) or the ‘best job they thought they should be doing’ (poorly defined processes/poor training).

Ultimately the nature of key data we use to describe ourselves is changing as services and platforms evolve, which means that, from a Privacy and Security perspective, the quality of that information and associated processes may no longer be “fit for purpose”.

As Matt Honan says in his article:

I bought into the Apple account system originally to buy songs at 99 cents a pop, and over the years that same ID has evolved into a single point of entry that controls my phones, tablets, computers and data-driven life. With this AppleID, someone can make thousands of dollars of purchases in an instant, or do damage at a cost that you can’t put a price on.

And that can result in poor quality outcomes for customers, and (in Matt’s case) the loss of the record of a year of his child’s life (which as a father myself would count as possibly the lowest quality outcome of all).

Support your Local Sheriff–why the DPC needs us to help them help us.

Problem Statement

The Irish Government is tripping over itself to win FDI from the new ‘Big Data’ enterprises. Whether it is promoting Ireland as a perfect location for Data Centres (it is, apparently we’re in a temperate Goldilocks zone) or chasing flagship investments in European headquarters for companies such as LinkedIn, Facebook, Zynga Games, Twitter, not to mention the pursuit of “home grown” ‘Big Data’ firms or the development of long term residents like Apple or Amazon from ‘box packers’ or call centres to foot prints of ‘Big Data’ behemoths, the Government can’t help itself.

And why would it. These organisations bring needed jobs, needed credibility to the Irish Economy, and much needed positive headlines for beleaguered politicians.

Of course there is a catch. A small problem. Actually two small problems.Well actually one problem but one that is so small but so significant that it is worth mentioning twice:

Our Data Protection Commissioner is chronically understaffed and, in my view, may lack skills and experience necessary to engage with and properly enforce EU Data Protection regulations.

If the Government is viewing “Data” and its related services as the “New Finance” they are showing precious little evidence of having learned from the failures of the past and I increasingly believe we are facing a scenario where either

  1. A major Data Protection scandal sweeps across big name players in Ireland and the DPC is wholly overwhelmed and cannot respond appropriately.
  2. Once new EU Data Protection Regulations are in place, we find ourselves in the eye of a major Data Protection issue and the Irish DPC finds himself with no option but to cede responsibility for the investigation and enforcement to another EU Data Protection Authority under the enhanced co-operation protocols in the revised Data Protection Directive.

Continue reading

Describe what you do in one word…

This is a challenge an old boss of mine used to set. He was an alpha male. The answer he was looking for was usually a variant of “lead” like “inspire”, “command” or “drink”.

But it is a good exercise to set yourself.

This evening I was responding to an retweet of an article I published on my company website last year. Vish Agashe retweeted this post about data modelling and Data Protection. In response I asked him if he was still finding the ramblings of a legodatapsychoeconotechnoqualitatrian interesting.

Then it hit me. That’s a word. A bloody good word. A “kicking my dad’s arse in scrabble” kind of word. Because it almost perfectly describes me.


No. I am not made of plastic and if you separate my legs from my body you will find it very difficult to reattach them.

But I spent four years half a life time ago studying law and business in UCD. From that study I developed a love of law and all things legal. In particular I developed the skills of legal interpretation and research that all lawyers need to possess.

And, just as (if not more) importantly I developed a network of friends who are lawyers. Yes. Some of my best friends are lawyers. Who’d a thunk it?


No. I am not an android with a positronic brain and the strength of 10 men (I wish). And if you poke me in the back between the shoulder blades I’m more likely to turn around and put you in a painful joint lock or punch you in the face than calmly power down and go lifeless (hint: if you want that, a few bottles of good wine is the best option).

But I am obsessed with data. The capturing and creation of it, the analysis of it, the value of it. It’s what I do. I’m a Data Scientist, but in the “lives in a castle in the mountains and don’t ask about the missing corpses” sense of “scientist” (at least at times).


No. I don’t own a run down motel and I haven’t hacked a young lady to death in the shower. At least not since the dried frog pills kicked in.

However I have been a closet psychologist for years. And once I realised that closets had very few hidden secrets (if you discount fantastical lands ruled by big lions) I turned my attention to the Human Equation in the context of change management and how we perceive and value information.

So, BF Skinner was a lovely man who pigeons experimented on to see just how far would he go to have them support his flawed hypothesis that extrinsic reward/punishment is a key motivator of behaviour. At least that’s my opinion.


Last time I checked I’m not a gas guzzling American mini-van that is anything but economical to run. But, linked to my love of data and the interfaculty degree I did in law and business, I am a fan of economics and economic theory and practice. In particular I’m an advocate of the branch of economics that applies economic principles to the study of law and legal principles, and the application of economic principles to the valuation of and management of data.

What is the value at risk?

Where is the economic equilibrium of risk and reward/supply and demand?

Is the economic deal fair when Entity A gives data to Entity B… what is the valuable consideration given for the exchange of assets?


No. I don’t play annoying 9000 beats per minute europop techno. Except for Saturdays. And even then only when there is a total eclipse of the moon.

But I do enjoy my technology and my tools. I was the first customer in the world for Informatica’s Data Quality offering (back before it was Informatica). And I’ve coded countless Visual Basic skunkworks to do data reformatting, consolidation, reporting etc. And I do like Sharepoint and Drupal and WordPress and Unix and Linux and…..

…  I think you get the picture. I know a few things about databases and database technology. But unfortunately not with a parchment attached to it (yet).


it’s all about quality. Quality of outcomes for the end customer in a value chain. And quality of outcomes for the data controller, or the regulator, or society. Everything comes down to this.

  • Laws exist to regulate outcomes. Often badly
  • How we internalise and conceptualise the customer and the outcome are key to achieiving the right balance.
  • Technology is a tool to getting us there but is not a destination.
  • The economic value is the point at which things are good enough to achieve the outcome that is required… and no more… anything beyond that is a value-add luxury that we can charge premium price for.

Now. Where’s my scrabble board?

The customer conundrum

I’m a customer of a few on-online services. I have really liked using Tweetdeck for the past few months (hang on… years… eek). The problem is that I’m busy. Nuts busy. I’ve a business, a family, and a strange compulsion to sleep maybe a few minutes or three every day or so.

I’m a voracious reader and idea gatherer. This is the problem I’m facing now. Tweetdeck/twitter has put a massive pool of people at my disposal who are sticking post-it notes under my nose every few seconds saying “Hey, you might like this. Click through and read it”. And I do. And I get lost in clicks-ville as I wander through related content.

Continue reading