Thursday Aug 14, 2008

Top Women of the Web

So, I was scrolling thru the Tivo menu the other night & I was all excited when I saw "Top Women of the Web" so I hit record & planned to watch it while I stretched out for my bike ride in the morning. I thought, "cool! Grace Hopper, Anita Borg, Mary Ann Davidson, Radia Perlman...this will be just geeky great!"

Well, let's just say, the "top" Women of the Web were all certainly top heavy, but not necessarily in the cranium. I felt a little stupid myself for not even considering "top" women were bikini girls, but it certainly got me thinking about the Web, women & why we don't celebrate some of these important people more often. Men and women geeks have impacted our world to far greater measure than the media would have us believe.

Geeks of the world, UNITE!! Let's support each other, mentor each other & help our unique perspectives be heard just when our businesses and the planet need our talents the most.

Here are some of the folks that I would like to have seen in \*my\* version of Top Women of the Web (in no particular order & certainly not inclusive) All of them are icons in their own sphere, all of them have helped me smack down that stupid voice inside saying that I can't or shouldn't or won't:

1. Mary Ann Davidson, CSO, Oracle

This lady is one of my personal heroes. She's a holistic thinker. She's a relentless and tireless security advocate. She's been personally challenged by Larry the Reputedly-Not-So-Nice on many occasions & yet remains steadfastly Oracled. Her ideas about forcing the Universities that supply vendors like Oracle & Sun to train code slingers in safe coding practices and systemic information assurance are bang on:

Mary Ann is also a decorated former military officer. When Mary Ann kicks ass, I don't think it's a figure of speech & I wouldn't want to find out.

2. Sheueling Chang-Shantz, Distinguished Engineer in the Sun Microsystems Laboratories. In addition to being a traditional, it ain't done until the engineering is right & the slide show matches the facts kind of gal, Sheueling is one of the most approachable and ego-free individuals I have encountered.

When you have contributed as much as she has to putting big security in tight corners (amongst other stuff), you deserve to act like a prima diva and strut a little. Instead, Dr Chang lets her achievements speak for themselves and her warmth invite dialog. I'm a huge fan of both brain & style.

3. Deb Reiman is a woman with whom I recently became acquainted. She manages an investment fund, was a former CEO for Check Point and sits on a number of public company boards. She's one of the business rock stars of the Web age and has been involved in shoring up the defenses of the brick & mortar companies as well as the newbies.

She was kind enough to sit down to breakfast with me one morning-- I wanted to discuss 'selling' data protection at the board level with a serial board member. We fell to chatting about life & work & she inadvertently helped me finally put to rest the 'am I being a good mother with tiny kids by staying with Sun and following my passion'? Answer: YES.

My kids need a safer world to live in. They deserve respect on-line and data integrity. I believe that every human has unique things to bring to the table. I can bring those things to work \*and\* remain close to my girls' hearts. It's a lot of work, but if Deb can do it & have a wonderful relationship with her uber successful kids, I can try & I will keep trying. Thanks Dr. Reiman. You were there when I needed you most & you were only a stranger until that day.

4. Lin Lee. Okay, cheap shot because she's actually my boss. But, before she was tapped to be the top honcho in my chain of command, she was already a trusted friend and ally.

Lin has Vision. Lin can take the worlds of engineering, politics, cultural differences and management styles, mush them all together, clearly articulate them & make it all feel like your idea. She is the rare boss who tells us to think Bigger, instead of the usual mantra of "calm down" "we've always done it this way & making waves won't help" or "stop dreaming about the impossible".

We need more Lins. Big ideas, and lots of support & freedom to chime in with more ideas. That's gender neutral cool. (We also need a better picture for her-- she's an uber babe & this picture of her stinks.)

5. Lile Deinard, IP lawyer & provider of couch, friendship and inspiration.
I had $50.00 to my name, a BS degree and no clue. Lile Deinard was already a partner in a prestigious New York law firm, a mother of 2 grown children and a friend. Here's what she said, "Michelle, every young girl must live in New York for some period of time. It's a place where the impossible doesn't even merit a turn of the head on the Subway." Sun's kinda like that too.

I add Lile here because one should never underestimate the power of a mentor or of allowing one's self to be mentored. I wouldn't have had the cash for a deposit & first month's rent without this lady's couch; I was able to hack through law school at night with her mental support; I have the thrill seeking desire to dare the impossible because I have been witness to her spirit.

You go geeks & top people of the web! I believe in you. Let's commit to doing a better job of supporting each other.

By the way, back to the Top Women of the Web-- which I actually watched in all my schlumpy glory. I don't get very excited by buying a new tech gadget like a phone or pda or by that many boobs, but I suppose it's a case of differing perspectives.

Finally, someone in house had a great idea of starting a meme chain-- name some of your Top People of the Web. I'm ready for some positive inspiration with perhaps a wee bit less Lycra...okay, maybe an abundance of fabric rather than the alternative...

Just a thought.

Wednesday Jul 30, 2008

The Best 4th Grade Education in the World

Tonight is a true life tale about the power of sharing personal details & reconnecting with people who help shape one's persona. The tie back to privacy is a bit thin, but it's there in fits & starts.

In the Network of YOU, data is shared-- and a risk undertaken-- with the hope, but not promise, that some reward will be achieved. DV > DR = Success.

We share our best efforts filling out tests & term papers for the reward of recognized scholastic effort. We can read alone or perform mathematics in secret & actually grow our knowledge, but learning from others and getting a grade are useful & valuable things.

Sometimes we share stuff just to have a certain level of catharsis but we don't really know if anyone reads or cares about our thoughts. The community of thinkers or of objectors can be a valuable thing too.

Still other times, technology, personally identifiable information shared & our actual/ real/ flesh & blood relationships combine & some really cool stuff can happen.

Put this posting into the Really Cool Stuff category:

So, I'm sitting in my office & trying to figure out how I will get to about 5 conflicting fall conferences & meetings all squished in & I have a nagging irritation in the back of my brain that I MUST call Drew C.

(Drew is, incidentally, a super smartie data valuation guy with whom I am currently conspiring to create something very very cool.)

From out of the blue, I got an email telling me that I've got a comment on my blog from my fourth grade teacher!!!!

Small world & cool internet moment & all that but, what makes this exceptional is that this was THE teacher in my life who first made a difference; the person who made me feel like being weird all the time actually made me kinda special; that just being myself & dreaming my own dreams was not just tolerable, but pretty great.

When I was in fourth grade, I thought that boys were 'yucky' & I told Mr. F. that this was so. He said, "I'll bet when you're a few years older that you'll feel differently."

So, never one to shrink from a challenge, I said that I bet him $5.00 that he was wrong.

He smiled & said, "One day you'll grow up & get married. When that happens I will come to your wedding."

This may be why I don't gamble.

My family moved away the next year. I kept in touch with Mr. F, writing letters. A few years later one of my letters arrived containing $5.00. I had a mad crush on a boy named Ted. (Who never did know I was alive. Wherever you are Ted, that chubby brace-faced dork 2 rows behind you in Mr Schneider's math class thought you were cuter than Han Solo.)

When I was in college, Mr F shared those letters that he had saved for all those years with me. I was at a serious crossroads again at that time & here he was again believing that I could make it-- the power of a great 4th grade education, after all, should never be underestimated.

I worked my tail off between undergrad & put myself through law school at night through a series of odd & intense jobs & lost touch with Mr F. After I started practicing law, I had moved out to California & was planning to be married when I received a call from Mr F who had bumped into my mom & dad. He & his wife had retired (sort of-- he's STILL teaching part time after nearly half a century of encouraging kids like me!!) &, sure enough, he kept his word & he & his wife were there, grinning broadly as I walked down the aisle with my dad.

Insane law firm job, crazier still Sun job, house burning down & 2 kids & just plain old life later & I became so caught up in the day to day that I neglected to write to my favorite pen pal for many years. Until today.

Thanks to the Network, open communication practices & a really great memory of Mrs F to recall my maiden name, my favorite 4th grade teacher & I reconnected. We chatted for a while, I sent him pictures of my ladies & just got caught up. I cannot begin to express what a joy that is to me.

We as an industry & as a global community WILL figure out how to secure communications channels because we MUST. We WILL figure out how to measure out appropriate levels of authentication, and use of information with respect & trust.

Connecting to those who are near & dear should be simple. It's not. It would be lovely if we could collect all of our favorite people & our future favorite people & always be within walking distance. Not possible.

We can, should, must understand the Value that makes it worthwhile to take a manageable Risk to connect with the appropriate layers of confidentiality. We'll figure out how to keep the DV > DR.

Today, my personal equation is in balance. I may sound like a soppy bonehead weirdo on this blog but, among other things, the blogosphere is keeping me grounded in the best parts of my past. Such is the power & the relevance of a really great 4th grade education from the best 4th grade teacher in the world.

Just a 1970's thought...

Friday Jul 25, 2008

Inspiration, Randy Pausch &

Randy Pausch died today. If you haven't heard The Last Lecture, do. It's a love story from Dr. Pausch to his wife Jai, to his three little kids and to life.

One of Dr. Pausch's virtual children (through some very smart doctoral types) is The proposition was to create something to get certain kids-- particularly young girl kids who are being culturized away from technology studies-- to become excited about programming. In Dr. Pausch's words "the head fake" was while the kids were learning to play games, they were also learning to sling code.

Here's one of my favorite quotes from the Lecture, "The brick walls are there to stop the people who don't want it badly enough. They are there to stop the other people."

I'm working on a wall that looks like this:

Data = Risk
Data = Value

DV > DR = Success

We will take this thorn covered wall down brick by brick in the coming months. Its inception and what this means for the future of data control has left my blog a bit silent in the last little while here, but more is on its way.

Thank you Dr. Randy Pausch. My thoughts & prayers are with your family & friends tonight. I hope we all can live up to your legacy & that we can all have as much fun as you did along the way!

Tuesday Jun 17, 2008

Happy Father's Day

So, it was Father's Day this past Sunday here in the US-- a greeting card confection of a holiday to be sure, but a great day to stop & think about your dad. My girls can blog about their wonderful dad one day. This blog belongs to Daddy-- the geeked out, meta data, privacy & security, super sarcastic wiseacre guy Dad who is \*my\* dad.

This is him:

He's a smartie and a first gen privacy guy even though he would likely answer to architect or something of the sort. The cool thing is that he's been around the computer business since the punch card days & he knows many of the why's that we take for granted were built in the first place. If you think Miss Thang is hilarious, she's got nothing on my dad. Unfortunately he also periodically checks up on my blog, so I have to behave myself a bit. Perhaps he'll get a code name in future episodes...

Dad's first entrepreneurial exercise was in software that helped large mainframe computers do a "data dump". Old data was bogging machines down & causing them to malfunction or stop functioning altogether.

Here I sit, 30+ years later & what I'm working out today is how do we do enough data dumping to keep the assets driving value & dump those driving inefficiency & causing foolish risk.

Hmmm. I'd better call my dad.

Love you Poppa Finn! You are my inspiration AND you make me laugh. For what more could a girl ask? (Don't tell Mom I blogged about you first.) ;-)

Wednesday May 28, 2008

The missing chair in your boardroom

Hi all,

The attached is an article we did for Sun's Inner Circle newsletter. The lovely Robin Wilton-- IDm guru extraordinaire-- liked it well enough to blog about it here: at (Very cool!)

So, I am reproducing it here & would love to hear your thoughts.

Here's the link:

& the article:

The Missing Chair Around Your Boardroom Table

Protecting privacy is an inevitable challenge in a free society. With more and more personal information moving onto the Internet, what role must companies assume to protect employee and customer privacy? And globally, what are the implications for privacy with regard to cultural differences and harmonization of identity and data protection standards?

Sun Chief Privacy Officer Michelle Dennedy calls this participatory Web era the "Network of You." Below she shares her views on how companies can protect their assets and stakeholders by expanding the way they think about data privacy and personal information management.

Q: What is the "Network of You?"

A: The "Network of You" is a concept that links traditional business practices to evolving Web 2.0 practices in the new environment of data-enriched enablement. The Network of You recognizes that for the first time in human history, we can individually participate in a global web of information flow. There is obviously a strong economic benefit, but there is also a strong risk factor if we're not careful.

Q: What are the most worrisome threats to online users' privacy?

A: The most worrisome threats are the unplanned, unexpected uses of information that violate individual cultural or legal mores. Organizations can fail to notify users about why they're collecting information — or that they're collecting information at all. They can fall into the trap of abusing collected information for which they are a fiduciary, but not an owner. Information about individuals is the currency flowing through the enterprise and that enterprise becomes, in a sense, its banker. One of the biggest threats is failing to recognize the power of information as a leverageable asset. When you collect too much, not enough, or the wrong information, you store risk that doesn't drive value back into the organization.

To quantify the risk involved, we can look at the case study of breach notification legal requirements. In the U.S., it's becoming typical for organizations that have been forced to notify customers about a data loss to provide two years of credit protection per record lost. So if you lose a laptop that contained 100,000 records with a standard credit protection cost of roughly $40 per record, per year, for two years, you're looking at a potential liability hit of $8 million. That figure doesn't account for brand loss, sales opportunities lost, lawyer fees, or the paper exercise of sending out letters. And that's just a ballpark — I've heard figures from banks up to $500 million, or $250 per record for a major breach.

Treating data as an asset up front and giving it the respect it deserves frees precious organizational time for communicating with customers about the stuff that drives revenue.

Q: Data control is said to now be a boardroom issue as well as an IT issue. Thoughts?

A: It's absolutely a boardroom issue due to the ascendancy of information as the most valuable asset. I think there is an empty chair at the CEO's table that is unique in charter from the chief financial officer, general counsel, chief information officer or chief privacy officer. If the trend to use, collect, and manage data and to connect with customers and workers on a global scale continues, there will be a significant role for new types of executive leadership in the boardroom.

There needs to be an information control officer who looks at information the same way you look at cash, with the nuance that information about human beings is non-replaceable. Once you have disenfranchised your customers or employees because you failed to protect their information, you can't get them back as readily as you can recover cash if you have executed poorly in your capital investments. One of the ongoing tasks for this new executive will be to partner with the CFO, CIO, HR, and R&D leaders to help drive in economic value and drive out risk by only collecting information that has value and doesn't cause harm.

In the short term, existing business unit leaders share in these new data asset and liability-driven duties, and each must become his or her own data advocate, legal advisor, and accountant.

The expanding universe of stakeholders and government regulations like the U.S. state data breach notification laws, the Gramm-Leach-Bliley Act, HIPAA, EU Directives, member state regulations, and the Canadian PIPEDA and other international regulatory frameworks will continue to complicate the business landscape. At the same time, a global community of users and creative entrepreneurial opportunities will continue to press for more data, more control, more transparency, and more respect than ever before.

Q: Is technology the problem or the solution? What technologies can be employed to protect privacy in the online world?

A: Technology can be both. If technology is used in the absence of people or processes, it can be a huge risk. Technology can gobble up more information than any human can possibly consume. Technology can share information faster than human minds can think it, so it can be harmful if you don't have that boardroom-level care of information as well as a system that sets up how information flows, where it is shared, who has access to it, what role those people play in the organization, and assurance that the information is audited.

Identity management technology is critical to understanding "who" is participating on your network. "Who" is your customer and "who" will serve that customer's various needs? Sun has deep identity management leadership and experience in helping with auditing and identity compliance. Sun's capabilities include user provisioning, role management, access management, federation, and directory services. These are examples of technology that can make a big positive impact when deployed with a clear strategy to get in front of the business challenge of "who."

You can centralize and better secure data by using ultra-thin clients like the Sun Ray, which greatly minimizes your data footprint and reduces risk. The only way to use a Sun Ray is by logging in, therefore every action is auditable. Instead of spreading data by duplicating and multiplying it across desktops, a greater proportion of the data stays centrally managed at the server level. Users authenticate and access information that is stored in a guarded place. Then security, privacy, and audit professionals can outreach, manage, and train the person who's allowed to use that interface.

Where data really "sticks" is in your storage strategy. That's where technology, management, and training help you figure out how to utilize your information as an asset. Sun's open data archive solutions enable organizations to change the economic equation for their IT departments because they are 10 times more scalable, use 50 percent less physical space, and can reduce energy costs by a factor of 10 over competing products.

It's critical to understand where you're storing stuff. Your CIO may not be looking at the risk and potential rewards implied by stored data. Which gets back to my "empty seat at the boardroom table" notion. Where it's appropriate, cut down your data footprint to keep the good investments of data that drive value, and systematically get rid of data that only serves to create unmanageable risk.

Q: What role should governments have in helping companies or individuals protect their privacy?

A: Hopefully not a heavy-handed one. My personal responsibility is to cover the globe, and we have business interests in almost every country. We must understand how to harmonize information flows with other governments and protect information through its lifecycle when that lifecycle goes from very restricted civil law countries, to common law jurisdictions, to socialist republics and beyond into emerging economies that are only now selecting a governance strategy for people and data.

We have to agree on the functional definition of how information is protected, despite differences in culture and legal strategies. We can look at how identity management strategies can be deployed to ensure that only the right people at the right time in the right place view authorized information.

Let's say Person A is fulfilling Function B and Strategy C is protecting it. Once you realize that the information pipe is secure, you can rationalize that protection in a common law society like the U.S. where we enforce by regulatory agencies and private litigation. In civil law societies like Europe, where the whip is felt from various agencies, protecting the data pipeline with rigor can satisfy those data protection authorities. When you get to other parts of the world with different notions of individual privacy, you can do that same calculus of role-based access — Person A, Function B, Strategy C — and if that protection is robust and transparent enough, it can satisfy all of these governments with differing enforcement strategies.

Q: What do executives need to be thinking about and planning for over the next five years?

A: People, process, and technology. Your people have to know what to do when. You need a leader who understands and cares about data protection and that person must scream from the mountaintops in the language of employees, vendors, and partners to let them know what is expected of them and that data governance is a valuable investment.

Process has a lot to do with your identity management strategy — who is going to be allowed to look at what when? How long is that information available to those individuals? How do you de-provision those people when they move on? It also has to do with how you determine data value, track it across your enterprise, and protect its integrity throughout its lifecycle.

You have to constantly look at your technology resources, whether you own them or whether you leverage Web 2.0 tools and communities, to determine what brings value. Sun leverages an open, interoperable architecture. The reason people come to Sun and the reason that we are the fiduciary for so much confidential, highly sensitive data is because this architecture allows you to think about the future and where information is going to be stored. All of the information that is housed on those storage media comes at a cost if you lose it, and can bring value if you leverage it well.

Thursday May 08, 2008

Data = Value

Smart thoughts from an inspirational lady:

"Some day, on the corporate balance sheet, there will be an entry which reads, 'Information'; for in most cases, the information is more valuable than the hardware which processes it." -- Rear Admiral Grace Murray Hopper

What a wonderful Privacy geek she was.

Monday Apr 28, 2008

A New Day

Hello world.

I felt it important to leave out a better piece of karma so I'm blogging in uncharacteristic succession to my last posting.

It's a sunny Monday following a glorious weekend where I (in no particular order), painted the girls' bathroom a lovely sky blue to match their sassy personalities rather than a rather depressing pale peachy thing; hung out with my girlies & hubby to attend ballet, a fun math contest (we're geeks) & take the lovelies for a paddle in our local pool; ate fantastic Mediterranean food at a local joint called Dish Dash; drank fantastic wine & a strange waiter driven choice of beer & 7-UP (sounds disgusting but was rather good) & went bowling (& did NOT drink horrid "wine" served at said bowling alley) with my neighbors who also have 2.5 kids all of the same ages. All is well & good.

The point for Friday was really that while this stuff may sound obvious: Data = Value. Data = Currency. No privacy = No value, increased unplanned risk and no new currency sources. It's the Getting It Done bit that sometimes takes screwing up one's courage & never backing down in the face of power struggles and those that love sticking to status quo.

It's a bit messy & it's important to me to communicate that fact along with the other stuff that moves & inspires.

All said, I sincerely thank those of you who reached out a hand of support. I am thankful for your strength & appreciative of your ideas to keep data protection & management on the track of governance & added value.

I will end on a kiddo story as is becoming a bit of a theme for me. This one is from over a year ago, but I keep it close whenever I feel like giving up & giving in.

Data protection is global. Even if we didn't do business around the world (we do), users of data, customers and customers' customers live on every conceivable patch of habitable earth. Given this reality, I have to be on the road more than I would like. (To all you analysts tapping out reports in First Class, I'm the schlump typically crammed in the middle of the largest & often the smelliest people in the back of the plane. Send me a cookie or a drink some time! ;-) )

My daughter, the infamous Miss Thang is old enough to discuss her feelings about everything, & Mom's travel schedule is no exception. One day when she was particularly upset about my not picking her up after school each day, I asked her if she wanted me to quit my job & if that would make her happy. "I don't know. Can I get back to you?" She actually gave it some thought & then said with a bit of an exasperated sigh, "I do want you to be around when I want you, but I don't want you to quit."

"Why?" I said to her. (I was prepared to do her bidding if she really needed it but was greatly relieved to hear that she was okay.)

Miss Thang said, "Well, I \*do\* like the presents from the airports (busted), but most of all, when you talk to your privacy people it makes your face shine."

I hope she didn't look at my face Friday night, but I couldn't put why I do this crazy & sometimes thankless job better than she did. (Note to self, 5 year olds make excellent business coaches if you let them.)

This stuff is important to me because Data = Currency = Value = Social Responsibility. My kids & yours will buy, sell & save data currency & their lives will be either enriched or damaged thereby. If that's not worthy of putting up with a little occasional crud in the workplace, I don't know what is.

In short, I'M BAAAAAACK & I'm not backing down.

Friday Apr 25, 2008

Is That a Shiv in Your Pocket or Are You Just Happy to See Me?

So, for the most part, I try to keep it upbeat here in my bloggaphoric state. I reminisce about privacy glories past & future & chatter on about influences in my life that translate into how privacy strategy is inspired in my head. As I look back over the last several years of postings, I realize that the positive inspirations are pretty accurate.

What I cannot do is discuss actual governance issues that are live or specific to Sun or any of our Customers. What I have not done is talk very much about the day to day how to deal with the Darwinian slug fest of relevance & resources in a multinational corporation. Mostly because I find internal politics bewildering.

Today, I am polishing the newest item in my "shiv in the back" collection. It happens to everyone in the course of a career & from time to time you find that that supposed initial pat on the back or pretended collaboration has a sharp point. I am currently trying to figure out how gracefully to extract my latest shiv without allowing too much political bloodletting.

I won't give anything away to shame the guilty party, but the learning process has certainly been instructive and 'character building' for me. In the spirit of transparency, I shall share a glimpse into the life of what is actually a fairly functional Big Corp. All in all, I want to be very clear that I would never have sacrificed time spent with my kids if I didn't believe that Sun is a company with a very high standard of integrity overall. It is. Most days I love working here for that reason.

Privacy is one of those things that is ill defined in most organizations-- every business unit depends upon it to hire employees, deal with internal & external vendors and manage customer relationships. Every organization & business unit has some notion of ownership not only to the data but to the ways & means by which it travels, who gets to decide how to manage it & there is a sense of 'need to know' that is often hierarchical rather than functional.

I am certain that this is office folly rather than anything to do with any subject matter area but an underdefined space seems to invite these types of confrontations. Rather than meetings where people who know how to do things meet to exchange plans and ideas for solving problems, folks who don't understand the subject matter area but either want to block initiatives (sometimes I suspect for sport or a sad type of fun) or "own" the positive outcomes whilst keeping others close to offload any potential downside come late to the party & spend a great deal of time barking orders or undoing productive work. Ego massaging and empire building both are pretty ugly when viewed from the inside.

Such has been my day. We have a small but very experienced team of folks within my direct & virtual team. My job today was to stand in front of bluster & blowhards who would very much like to sound important or would like to seem like leaders because they are loud.

The folks doing the work were somewhat intimidated but, I hope, undaunted. Data privacy, to anyone who has been exposed to it & has been willing to learn, is a complex conversation that must by its very nature span many organizations.

Winning systemic data privacy control within an organization & spreading that control into products & services, marketing, IT, human resources, legal and other groups is a long term vision. The short term actions that lead to the vision require varying amounts of time, money, expertise, political wherewithal and an ability to compromise to do the best you can with the context and resources available.

I am really really really proud of my guys & feel very Momma Bearish when we are attacked to build up someone's ego. That said, this particular momma bear has learned to remember well the attacker but not to bite.

Shivs in the back are irritating, but they won't stop us. Bluster that things are not perfect misses the point & loses you potential allies. (Things, of course, will never be retrospectively "perfect" in the search for respectful relationships to personal data cross culturally over time.) The office nasties can whine & moan all they like-- the work doesn't get any easier & it still needs to get done.

The cool thing, of course, is that a certain level of time & experience has shown that a nice Friday afternoon and leaving the office with an empty briefcase for a rare change makes all the difference to me.

Snicker-snack Jabberwocky. THIS privacy junkie's left the building for the day. I'll be ready & nearly willing to take some of your nastiness on Monday but not before.

So, thank you. You have made me a little bit stronger. You made me hate a job that I adore & one that I do well for only a moment. You have forced me to test my resolve to stay & fight for what is right & what is achievable in data protection. You have made my team rally around each other. I shall shine your shiv with pride & laugh quietly to myself when I make you my ally.

Monday Apr 21, 2008

Context & Poetry that any Mother Could Love

A short poem for you:

In the winter the trees sway.
The cold, icy ground is hard and crunchy.
We play in the snow.
When we walk foot prints appear.
But when we see the snow melting we know it's Spring!

This is how it was actually drafted by Miss Thang (my little lady):

In the winter the trees swae.
The cold icy grawnd is herd and crunchy.
We play in the snoe.
Wen we wock foot prins apeer.
But wen we see the snoo melting we no it is Spring!

This lovely ode to Winter & Spring was accompanied by a picture split in half with a snowman waving from one side of the page under a gray sky to a barefoot girl walking on a flower strewn lawn under a blue sky & red sun.

The final contextual piece here is that Miss T wrote the poem & drew the picture in her bed late at night using her flashlight for her sister, Miss Sweet Cheeks' birthday.

The challenge and the allure of data protection is illustrated by this small information transaction. After first making a rather large assumption that one is communicating in English, obtaining access to the poem given the original searchable words can be a challenge-- not an insurmountable challenge as most of the decent search engines give alternative spelling choices.

Identifying the age and background of its author helps to further determine its credibility or at least how stringent or serious any judgment should be on its literary relevance.

Deciding to share the \*clear\* beginnings of artistic genius to the perhaps later in life chagrin of my Miss Thang was an easy choice.

Understanding the context of its creation and to whom it was written makes the retention schedule and security measures much higher for the original document... but only if you're me.

How we protect, what we protect, how long we protect & with whom we share are important lifecycle questions worthy of constant vigilance. I had this discussion with an IT architect this morning about a large multinational organization. Though significantly larger & more complex than my daughter's poetry, the steps we took to analyze his problem were not much different in theory than these.

Wednesday Apr 16, 2008

RSA Palooza 2008

So last week was the gigantor RSA Security conference in San Francisco. Does that sentence sound tired? It should.

The great thing about the SF venue is that it allows me to sleep in my own bed & to hold my girls each day-- after they have fallen asleep & before they awake. In between, I race up & down the Peninsula in madcap traffic & think & breathe security...and this year PRIVACY.

I expected the usual acronyms & tech talks about perimeter controls & bigger & better technology that would solve all ills if only "they" would buy more. This year was different in a very important way.

First, the Executive Security Action Forum (ESAF) meeting. This is the Monday pre-game meeting of ~200 security (and one or two privacy geeks) professionals. I moderated a session with BEA, Yahoo & Google regarding social networking and web 2.0 in the enterprise. I attended a very interesting session regarding the psychological profile of an insider likely to act to harm the enterprise. The discussions were confidential, but the feeling that something was changing started this day. The final session included rock star politicians and industry experts who discussed what we would say to the new US president about the cyber & information asset challenge.

RSA began with 4,000 of my security buddies & me listening to John Thompson, CEO of Symantec, talking about evaluating information, business priorities and what we need to communicate first BEFORE we add 0's & 1's...uh, who gave that cutie the privacy script? What was happening?? Is this a Security gig???

Fast forward through a long week-- I met with Secretary Chertoff and Asst Secretary Greg Garcia (of DHS) (interesting!); participated in a privacy specific panel on emerging topics with CDT, BITS & Google, moderated by a USA Today reporter; sat on a panel and working session on crisis management and communicating with the Board regarding information protection issues; did my version of party like a rock star until 10pm at the Executive Women's Forum cocktail party; & capped off the week with a CNBC panel in a series entitled Bigger Thinking.

My fellow panelists for the CNBC bit were Mike Lynch, CEO Autonomy, James Powell, CTO Reuters & Bruce Schneier, BT Counterpane (& crypto mega star). Intimidated anyone? I don't get nervous about these things because I really care about the topic, but this one had me thinking I would really really like a seat hidden in the corner of some coffee shop instead of playing the role of the whipping girl. I actually think it went off okay. I found the conversation quite fun & the moderator Simon Hobbs very gifted at keeping things moving and lively.

I shall post the URL here as soon as the session goes live on the Bigger Thinking website.

Bottom line, I was not the only person talking about pragmatic privacy at RSA this year. I was not laughed offstage nor did it seem that I was putting anyone to sleep. Not a single soul told me that I simply don't "get it" because I don't happen to believe that gear will do anything without sound practice, business correlation and the right people at the switches.

Something important is happening & I LIKE it...

Friday Mar 28, 2008

Nasal Networks

A brief thought for a Friday

So, I was recently at a business meeting when the man next to me leaned over & confidentially whispered, "You smell really good." Now I'm a girl who does not mind a nice cake of soap, but I have to say this was a new one for me.

Naturally, it got me thinking about privacy, authentication and the very individualized Network of You's that comprise the information web. (I mean come on, what \*would\* a gal think?)

Let's think about a mythical nasal network. I decide to bathe today. I decide the various "lotions & potions" to apply. Perfumes & other specific nasal sensitive additives applied according to mood & circumstance. Now we add the genetic factor. Biometric markers in a whole new category. Mix well with whatever I've decided to eat or drink during the day & my general degree of health. Voila-- a nasal network of authentication is born-- or airborne as it were.

Original, unique, driven by circumstance and user choice...

Authentication at first sniff & very difficult to over preserve, reuse or fail to delete after an appropriate time passes...

Could be a little out there but, before spring pollen season gets into full swing, think about the Nasal Network. My, your credit smells lovely. MMM, you smell like someone who should have HR data. I can just smell it all now.

Just a wacky Friday thought

Saturday Mar 08, 2008

The Ephemeral ID

I just looked this over briefly & understand that it reads a little rambling & quite longish. If I had more time, this would be short & pithy. It's not. It's a blog. If it makes any sense to you, I'd still love to hear your thoughts:


Ms. Thang is reading Little House on the Prairie with her dad & I can hear the rumble of a deep voice and the lilt of a giggle here & there. I took advantage of this moment of quiet to peek in on Miss Sweet Cheeks where she is sleeping peacefully, clutching a knitted sock dolly, her lovely eyelashes resting lightly on rosy apple blossom cheeks.

Have you ever loved someone so much you were sometimes in physical pain? My ribs feel like they must be broken & my head feels a little weird-- only way I can describe it.


Which leads me, naturally, to thoughts of data protection & identity management. Of course.

Both of my girls' identities are changing so rapidly. Each day their needs, desires, interests and abilities morph in & out, forward, backward & sideways. Imagine if you will, looking over the identity of just one \*system\* user over the course of time.

Would the 'mature' customer or employee ever bear resemblance again to the 'infant'? Would data collected in the early years of the relationship be relevant in the decision making of today or the strategy planning for tomorrow?

Furthermore, is this human data ever \*that\* great a long term predictor for that one user or is it the trend data for many similarly situated individuals that helps us make our plans?

Why then do we insist upon retaining account data associated with one person for any great length of time in an enterprise setting? Anonymous data for many purposes seems to be the more expedient vector.

Granted, there are some details either so static or so stark that they must be retained, but only as they continue to color the present & predict the future.

I, for example, am a human of the XX variety. Like it or no, for certain characteristics, that fact-- collected, if you will, at my birth-- continues to be a decent predictor of certain things.

The fact that I am a mom & have freely disclosed that fact is also significant & an okay predictor for some things and a fantastic predictor for others. Threaten a mommy's kids with serious harm, for example, and there's a pretty good chance she will crush your larynx with her pinkie & be more than able to sip a fat free latte guilt free 30 seconds thereafter.

(More ladies should be in senior management for the same reason, but that's a different topic for a different day.)

The point here is that identity management schemes and data collected that is associated with one's ID should contemplate the temporal who I am now, the role I intend to play in this interaction, the role you wish me to play and the roles into which we will both evolve over time.

Take for example, a key fob strategy-- tons of these have been proposed, some louder than others but not all that different. I suppose one could choose a "role" based on any number of data elements, but that role would only work to gain access to goods or services or more data where the transaction partner has enough flexibility in authentication and alternative goods, services or more data to match the self selected role.

Here's what I mean: Am I an employee or a customer when I eat at the company canteen? Is it relevant to know any of my work details to be sure I may enter? Should I bring a "Sun employee" data element key fob, or "Sun employee, badge Number XXXXXXXXXXXXXXX, Chief Privacy Officer, digital access level XXX, etc..."? Should we have to mess with a dual system or that much over collection just to authenticate into the building that houses the cafe just to get a salad? The system gets to dictate my role, not me.

Question is, in later years, the same user could return as a completely different role by virtue of time or circumstance & now the user would essentially change the role rather than evolving the relationship. Alternatively, the enterprise can assume that the role holder has changed & can start changing permissions and management of that user's data accordingly, based on information that enterprise holds on other similarly situated users. Obviously it makes a difference if I am no longer employed at Sun, but no one in the lunch room needs to know or cares if my rank is up or down. (I purposely picked a silly example to make a point, but a similar analysis applies where I am a manager v. when I am acting as an employee; when I need HR data to figure out my benefits v. when I inspect that system for compliance.)

It's not a bad thought from a management perspective to add and add and add or whittle away notice because the predictive trust that the user gains may, in that case, outweigh the need for fresh 'clear & conspicuous' legal notice. Here, the old timer customer gets a "Hi Michelle!" v. the dreaded "Hello Ma'am," or the frequent customer starts to get discounts and nice extras without clicking on an email offer.

But, you see, it is the individual data that often describes her role. It is the individual mom's right to dream that she will not grow old, that she will still be able to make her girls giggle with a kiss on the tummy or call them 'baby' long after she knows they are not. The role of goofy sentimental clown may beat in the chest of tough competitor and senior executive. No role-based ID scheme can always easily discern which part of that human is presenting herself for system authentication or inspection. AND it is that individual's prerogative-- and often her legal right-- to change her mind.

Where the hell did that come from & why is it relevant, you may ask??

It is the data from our customers and employees that they hold most dear, that is most personal, that allows us to serve them...personally. We cannot and should not always predict that each year of service will equal a greater degree of skill for our employee nor will a new customer always purchase less than the tried & true account. Therein lies the rub of roles, role based management and Identities with a capital I.

I'm not saying that really really good IdM or RBAC is impossible or even that it's not valuable. I am, however, saying that it's tricky and that our developers must look to their software/ hardware platforms, their lawyers, their geography & culture lessons...and perhaps into their hearts just a little bit.
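To make the canteen-door and HR examples above concrete, and to answer the lifecycle questions from the Apr 21 post (how we protect, how long we protect & with whom we share), here is a small added example in Python. It is not code from this blog or from Sun; every name, attribute, policy and the sample record are constructed for illustration. A resource states the roles it requires and the attributes it may see, the "fob" presents only that, role grants carry a validity window so a lapsed role (or a departed employee) stops working on its own, and a cohort view strips the direct identifiers for trend-level use.

```python
# Added example (not the blog's or Sun's code): minimal-disclosure "key fob" presentations,
# time-bound role grants and an anonymised cohort view for one identity record.
# All names, attributes, policies and the sample record are constructed for illustration.
# Dates are ISO-8601 strings throughout; they compare correctly as plain strings.
from dataclasses import dataclass
from datetime import date
from typing import Dict, FrozenSet, Optional, Tuple


@dataclass(frozen=True)
class RoleGrant:
    """A role the enterprise granted, bounded in time so that it can lapse."""
    role: str
    valid_from: str                 # ISO date, inclusive
    valid_to: Optional[str] = None  # ISO date, inclusive; None means still in force

    def active_on(self, day: str) -> bool:
        return self.valid_from <= day and (self.valid_to is None or day <= self.valid_to)


@dataclass
class IdentityRecord:
    """Everything the enterprise holds about one person: the over-collected badge."""
    subject_id: str
    attributes: Dict[str, str]
    grants: Tuple[RoleGrant, ...]

    def active_roles(self, day: str) -> FrozenSet[str]:
        return frozenset(g.role for g in self.grants if g.active_on(day))


@dataclass(frozen=True)
class ResourcePolicy:
    """What a resource is allowed to learn: the roles it requires and the attributes it may see."""
    required_roles: FrozenSet[str]
    revealed_attributes: FrozenSet[str]


# Constructed policies. The canteen door needs only "employee" and sees no attributes at all;
# a compliance inspection of the HR system needs a second, time-limited role and an identifier.
POLICIES: Dict[str, ResourcePolicy] = {
    "canteen_door": ResourcePolicy(frozenset({"employee"}), frozenset()),
    "benefits_self_service": ResourcePolicy(frozenset({"employee"}), frozenset({"subject_id"})),
    "hr_compliance_inspection": ResourcePolicy(
        frozenset({"employee", "compliance_inspector"}), frozenset({"subject_id", "display_name"})),
}


def present_fob(record: IdentityRecord, resource: str, day: str) -> Optional[Dict[str, object]]:
    """Holder side: build the minimal presentation for `resource` on `day`.
    Returns None when the required roles are not all active; never discloses more than the policy lists."""
    policy = POLICIES[resource]
    if not policy.required_roles <= record.active_roles(day):
        return None
    presentation: Dict[str, object] = {"roles": sorted(policy.required_roles)}
    for attr in policy.revealed_attributes:
        if attr == "subject_id":
            presentation[attr] = record.subject_id
        elif attr in record.attributes:
            presentation[attr] = record.attributes[attr]
    return presentation


def admit(resource: str, presentation: Optional[Dict[str, object]]) -> bool:
    """Verifier side: accept only if every required role is asserted AND nothing beyond the
    policy's revealed attributes was handed over (over-disclosure is rejected, not quietly stored)."""
    if presentation is None:
        return False
    policy = POLICIES[resource]
    asserted = set(presentation.get("roles", []))
    disclosed = set(presentation) - {"roles"}
    return policy.required_roles <= asserted and disclosed <= policy.revealed_attributes


def cohort_view(record: IdentityRecord, day: str) -> Dict[str, object]:
    """Trend-level view: drop direct identifiers, keep only a coarse site and a 5-year tenure bucket.
    This is the shape worth retaining long after the individual account data should be gone."""
    hired = date.fromisoformat(record.attributes["hire_date"])
    tenure_years = (date.fromisoformat(day) - hired).days // 365
    low = tenure_years // 5 * 5
    return {"site": record.attributes.get("site"), "tenure_bucket": f"{low}-{low + 4}y"}


# Constructed sample record: far more than the canteen door ever needs to know.
SAMPLE = IdentityRecord(
    subject_id="emp-000123",
    attributes={"display_name": "M. Example", "badge_number": "XXXXXXXXXXXXXXX",
                "title": "Chief Privacy Officer", "site": "Santa Clara",
                "hire_date": "2000-03-01", "home_address": "placeholder-not-real"},
    grants=(RoleGrant("employee", "2000-03-01"),
            RoleGrant("compliance_inspector", "2007-01-01", "2007-12-31"),
            RoleGrant("manager", "2005-06-01")),
)

if __name__ == "__main__":
    print(present_fob(SAMPLE, "canteen_door", "2008-03-08"))             # {'roles': ['employee']}
    print(present_fob(SAMPLE, "hr_compliance_inspection", "2008-03-08"))  # None: inspector role lapsed
    print(cohort_view(SAMPLE, "2008-03-08"))                              # site + tenure bucket only
```

The point of `admit` rejecting an over-full presentation is the one the post makes: if the door accepts the whole badge, the system has dictated the role and collected the data; if it accepts only what its policy names, the holder keeps the rest.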

Personal data is, after all, personal.

A little bit of a crazy thought before I head in to read a little Harry Potter to Miss Thang...

Tuesday Mar 04, 2008

Farewell to a friend

This is not a privacy related blog today.

The world is short one more lovely young mother who was also a fellow Sun employee. I wish I had slowed my pace to know her better. I wish that various data traces that remain could describe her life & the impact of her untimely & sudden death.

To the blog o sphere, I send my warm regards. Let us all take time to care about the fellow humans pinging back & forth on the network.

One of my favorite & one of the saddest poems in modern literature. Rest in peace my friend:

A. E. Housman. 1859–

To An Athlete Dying Young

The time you won your town the race
We chaired you through the market-place;
Man and boy stood cheering by,
And home we brought you shoulder-high.

To-day, the road all runners come,
Shoulder-high we bring you home,
And set you at your threshold down,
Townsman of a stiller town.

Smart lad, to slip betimes away
From fields where glory does not stay,
And early though the laurel grows
It withers quicker than the rose.

Eyes the shady night has shut
Cannot see the record cut,
And silence sounds no worse than cheers
After earth has stopped the ears:

Now you will not swell the rout
Of lads that wore their honours out,
Runners whom renown outran
And the name died before the man.

So set, before its echoes fade,
The fleet foot on the sill of shade,
And hold to the low lintel up
The still-defended challenge-cup.

And round that early-laurelled head
Will flock to gaze the strengthless dead,
And find unwithered on its curls
The garland briefer than a girl's.

Our data may be available for slicing & dicing forever, but our humanity makes all that data actually mean something at the end of the day.

Thursday Feb 14, 2008

Love that Uberpulse!!!

Happy Valentine's Day everyone!! My little beasties are sleeping & my sweetie has a nice bottle of wine to go with our take away pizza so this will be a short post.

We had a really fun public facing do at the Sun headquarters over the last two days & the lovely story teller from uberpulse put together this great piece that tells my perspective on the CPO role as it exists today.

We also had some conversation regarding the ethical and organizational dilemmas that face every organization that manages data about other humans.

Check it out:

Privacy, my babies, sweetie & Valentine's Day-- doesn't get much better than that for me! What a geek.

Thursday Jan 31, 2008

Paperclip Career Advice

Some advice is just too good not to share. This is a piece of mind blowing advice from Rhonda MacLean, who is currently the Director of Security for Barclays Bank. She kicks butt on any continent. It has nothing to do with the substance of privacy but everything to do with survival in an amorphous professional career path in a brand new or undefined field.

I call it paper clip advice because once you see it, you may be tempted to think that it's obvious or so ubiquitous that it does not bear repeating. I wish I had invented the paper clip.

Here it is (& I quote): "Be the CEO of your own career."

That's what she said.

I've been thinking about this since she said it at the Executive Women's Forum last Fall. (This is a group that merits some discussion in another post-- it's for folks in the privacy, data management, security, risk, and compliance functions & I have found it to be a must do for my calendar.)

Since that time I have been taking stock-- so to speak-- of my stakeholders (both professionally & personally), my assets and liabilities, my unique characteristics that make my own personal enterprise valuable or able to trigger value in others. I have started to document things to honestly report to my stakeholders progress and areas where I need more assistance. I've started to think about overall goals: quarterly, annually, overall.

You get the picture. Run your career as carefully and in some ways objectively as you would run a company.

Has my stock risen? Perhaps only in my own reckoning so far, but the exercise in taking a hard look at what is & what can be and where my team needs to go to get our objectives met has been as useful in holding a complex challenge neatly in a consumable package as, well, the humble paper clip. Elegant, tidy and perfectly engineered.

Thank you Rhonda. You are an inspiration.

Tuesday Jan 22, 2008

Showing too much skin is never attractive.

A quick thought relating to an interesting discussion thread on one of the data policy affinity groups.

The debate began as one of ethics & I pose that question to you out there in the web wilderness:

Is it \*ethical\* to include a search of a potential student's/ politician's/ employee's social networking activities & to include the results of that search in a decision making matrix?

What if the individual never intended the information to be public but shared it intentionally anyway?

What if the data is about legal activities clearly outside of the realm of the academic/ public duties/ employment context?

The answers to these questions are emerging & deserve a longer discussion than I'm in the mood for at the minute, but I thought I would share this interesting perspective from one of the group members (& I quote the idea, not the exact words):

"The content and context of the disclosure almost don't matter. What matters to me is that this person has made a judgment call that this kind and sensitivity of disclosure is okay. That it is okay for that individual in a personal capacity still makes me question their judgment. This is not someone I would hire if I had other options."

Bottom line, over disclosure may imply bad judgment whether that assumption is true or false.

Trouble is, of course, that your definition of over exposure may be wildly, generationally or culturally different from mine.

To finish this light thought for tonight, I have a silly story exposing a bit of my past life working at a patent litigation firm.

There were almost no women at our firm and thus was I selected to be the lucky person to inform one of the staff that her clothes were a bit (okay, outrageously) too revealing. (None of the guys were asked to have this little chat & may, in truth, have been hoping that my little heart to heart with this gal would be unsuccessful.) Since I billed out by the hour & was judged thereby, I decided to cut to the chase & just put it to her like this:

"Here's the deal. You have a lovely figure and we have all seen enough of it to be in full agreement on this point. You have seen the written dress code. (We \*had\* one which was a bit weird considering that we were all well out of grammar school.) Here's the bottom line-- so to speak. When you are getting dressed to come to work, if you can't fit underwear \*under\* your clothing, the clothing is too small. If we can see any part that should be covered by said underwear, your bad judgment \*and\* your booty will be hanging out."

Now, \*I\* thought these guidelines were relatively straightforward, but I think she just went out & bought smaller undies. Go figure. Social networking policies, like corporate dress codes, may be the subject of interpretation for some time to come!

A light thought...

Wednesday Dec 12, 2007

SuperWeb? Web 2.0? The Network of YOU? It's got me thinkin'

So, today was one of those days that seemed like it lasted about 30 minutes but was jam packed full of activities. My thought for the day is a peek into one of my typically untypical days...

Before the crack of dawn, our US based team was on a call with our EU team, discussing our own internal systems' virtualization work and the project plan to build in governance to that new way of global business.

At 10am, I sat down for the pre-show warm up with my fellow privacy tribal members, Joanne McNabb from the CA State Office of Privacy Protection, Deirdre Mulligan, Law Professor extraordinaire from Berkeley Law School, Jim Allen, CPO of Agilent, Barb Lawler, CPO of Intuit & Dr. Moira Gunn of NPR's Tech Nation (she was our moderator).

(This event was also graciously and generously attended by some of the very best of the local industry & government policy makers and practitioners who were not otherwise engaged in Globe trotting.)

WOW. Now, if you're not a full fledged privacy geek like me, you may not realize how very cool that particular group of brains is. You'll have to trust me here. This is Woo-eee time.

Check out for the full video & some other stuff relating to the open door panel discussion of The Network of YOU & how empowered data is changing the people, process and technology equation. To cut to the end of the story-- there is a lot of data flowing all around us. It's up to us to decide as a planet where & how we wish to maintain some control or fall victim. You do have privacy for as long as we have anything to say about it. Join The Movement!

After the media palooza, I crunched my head back into the Sun governance world again to participate in the latest internal Mash Up to discuss the Web 2.0 expanded view of where the boundaries of the greater Sun Microsystems communities have yet to be explored, much less governed or measured. To cut to the end of this particular tale-- we're only at the beginning. (Ironic, no?) The expanding enterprise is something to discuss in much greater detail on another day.

5pm & time for an even more intimate meeting with team, budget & vendor. Interesting how much good help is worth & costs in this Network of YOU. Sometimes I feel like it's the world wide purchase order.

7pm & time for books, jammies, diaper change, bath, diaper change, more books and about 1,000 sloppy kisses from my beautiful little ladies & even a few from my sweetie who was kind enough to bring himself and even a few of his data sensitive portfolio company CEOs to our public event today.

It's 9:30 now & the perfect time to reach out to the good folks in Asia before passing out to do something totally different, yet equally exciting tomorrow.

A good day.

Wednesday Dec 05, 2007

Privacy is Possible, but maybe not secrecy in the Network Of YOU

Here's a little vid that someone shot during a discussion we were having about emerging markets and emerging technologies.

The weird head movements I may have to disown, but I endorse the message even when perhaps captured on video for perpetuity:

Check it out! Thanks to!!

Friday Nov 23, 2007


Here in the US, it's Thanksgiving time.

Yesterday I was privately thankful with some of my extended family, so, in the spirit of both thankfulness & privacy, I shall be thankful here as well.

Sometimes the value of personal data begins as one type of asset and transforms into another over time.

Here, an example that happens to be a true story:

Jeanette. This is a piece of personal information. This individual is probably a woman.

Jeanette lives in the Democratic Republic of the Congo. She is a little more exotic to the Western world & the personal information seems intriguing but not all that unusual in an increasingly globalized world.

Jeanette is a mother of several small children. A whole new element that gives us more to relate to her.

Jeanette once tripped over a tree root and hurt her foot. Medical information.

The soldiers that were pursuing Jeanette when she tripped over that root gang raped Jeanette in front of her children, chopped off her hands with a machete & left her for dead. Unspeakable, horrible personally identifiable data that left me shaking when I first heard her story.

BUT this is NOT a story about how thankful I am not to be in that desperate situation because there is more personally identifiable information that adds the appropriate context on which to begin our hermeneutic journey to evaluate the value of Jeanette's personally identifiable information as an asset to her & to us.

Jeanette did not die. Jeanette refused to die. Jeanette stood. Jeanette comforted her children & got to safety. She enrolled in Women for Women to get a micro-loan & seed money for a business that took no more than a few clicks of a few buttons for a privacy geek across the planet but took extraordinary courage, resolve and hopefulness for Jeanette.

Jeanette cares for her kids-- with no hands. Jeanette runs a business just like any entrepreneur. I can't pity or patronize this woman. She is too strong for that. I can only hope to be as strong as Jeanette to face challenges that are so very much smaller.

Jeanette stood. Her personal data is one of my most valuable treasures and I share it with you today.

A once benign piece of personally identifiable information, put into context and seasoned over time can transform itself into something entirely different. In the enterprise context, every individual about whom we store data is connected to us in some way-- weaker in the beginning and stronger with every transaction. Value that data; protect that data; govern that data as if it were one of your most valuable assets. It may be.

I wish for you and yours all the peace that comes from thankfulness in who we are today & hope for who we will be tomorrow. As I learned from Jeanette, sometimes all we have to do to begin the rest of our lives is to stand up and begin.

Just a Happy Thanksgiving thought...

(BTW Women for Women is a terrific group. Please check them out; their mission is to transform the lives of women who are in places & circumstances that will either create nations full of victims or survivors who excel in their community & on a global scale. It's a bold & daring mission. I have taken far more than I have given to this group.)

Tuesday Oct 30, 2007

"Just so you know, Mom"

Holy Cow! I'm just sitting here getting caught up on the daily fun & follies & we just had an earthquake here in Northern California. I'm not actually from here & they scare the ____ out of me. (Hubby loves the weather; I love hubby so here I sit & shake.)

So, time to blog a blog with thoughts on training. We all need to do it...often. We must ensure that our message is clear, audience appropriate and gives clear guidance. Training should be geared so that our fellow fiduciaries of the personal data asset know what to do when all is well & upon whom to call when things go wrong so that we may recover as smoothly as possible.

A note on that last point-- do not ever ever EVER think you are training to guarantee harm will not strike. You're not & you will be sadly disappointed to learn that life will happen & you will, at some point, experience a breakdown in people, process or tools that results in a hit of liability or only a near miss if you're lucky.

Nope, you train, plan, strategize & then train again to run as efficiently as possible and to fail as smoothly and gracefully as possible.

Wear your seatbelt, but have well maintained brakes, learn & practice how to drive regularly & prepare for the idiot with the cell phone & double grande latte supremo who can't seem to use his signals and simply \*must\* occupy your lane \*now\*-- a driver's manual and multiple choice quiz is not enough.

To top off the thought-- and because it's just a great momma story-- here's a bit of wisdom from my very sassy 6 year old:

So, Miss Thang was harassing her toddler sister (the one with the sugar sweet cheeks and scream like a wild banshee when provoked by said 6 year old)...again.

I had just stumbled in from a 12 hour day conversing with people with a privacy issue on most of the populated continents and was already on my last nerve & so not ready for "gimme that" "NOOOOOO" "Mooooom" "WAAAA!" (Repeat this sequence until your ears start bleeding & you'll get the picture.)

Insert Mom intervention to the effect of "Now girls, play nice." "Sharing is fun!" "Play nicely please" ... & other miscellaneous & largely unheard or heeded Character Building Training Stuff.

Finally, I turn to Miss Thang & tell her to get to her room & think about her behavior & how she planned to improve it so Mommy doesn't have to either have a nervous breakdown or agree to fly to Asia in coach again just to get some peace (or both).

(Accountability & consequences are supposed to be excellent training tools after all.)

My little lady gets halfway up the stairs, turns, comes running down & back into the kitchen, hands on hips with uptilted face to announce,

"Just so you know, Mom, you know when you tell me what to do & send me to my room to think about it? Well, I usually just think about it on the stairs. When I get to my room, I mostly think about other stuff & play with my toys."

She turned on her little heel & marched straight up to her room & likely gave not another thought to my training, her sister's toys or her crazy mother who was trying not to laugh so loud lest the Character Building Training Stuff be lost.

All I can think of are my friends in the field, HR, vendors & so on, marching forth & thinking of their data privacy & asset management training & NOT playing with \*their\* toys. Right?

A few random thoughts for a shaky pre Halloween night...

Monday Oct 15, 2007

The Dance of the Employer as Danced by the Employed

Authenticate or Anonymize? Participate or Segment? BS or Truthiness? Disclosure or overreaction?

Dum-da-da da-da, Trah-la Trah-la. Dum-da-da, da-da, Trah-la Trah-la. And so we twirl & twirl.

Sun is a large multinational employer. We provide many services to our Human resources, because they are humans and because they are our resources. Some of those services are provided by fellow Sun employees like myself. Some are provided by a third-party specialist like my lawyer or payroll or food services.

The employer dance is a complicated score of what services serve without causing undue risk, how these services are managed & audited (both for efficacy and for data governance), how escalations are managed and disclosed for data loss or service mishaps, pre-authentication or on-time authentication, cost effective or full featured, how differing cultures wish to consume these services & so on & so on. The dancer also must be ready to adapt to music, costume & partner changes periodically & often with little warning.

As many data specific issues as possible must be answered before we get started; the ones we didn't contemplate or are changed by time & context we react with process and analysis where possible. The point here is that we dance the dance of "should" and "must". We dance between an impulse to share and an impulse to remain alone or feel that we \*could\* become alone again if we so chose to do so. We dance because it brings us value to share and we dance because we don't like pain.

I'm somewhere between Ginger Rogers and Gomer Pyle today, but trying my level best to make the right moves to keep the good folks of Sun safe & yet not get in the way of the next pile of benefits. To quote my dad on this one, "Right isn't always easy but it's usually right." ...or should it be left?

More of a sigh than a thought today, but there you have it...

Dum-da-da da-da, Trah-la Trah-la. Dum-da-da, da-da, Trah-la Trah-la.

Tuesday Sep 11, 2007

Data Privacy is about what we share & how we respect others

Hi all,

There is some talk about data privacy being the reason for the VA killings this past spring or at least the reason for inaction to get the killer help & keep him away from other kids.

I absolutely agree with Commissioner Ann Cavoukian's letter attached below in this chain regarding the role data privacy laws played in the Virginia Tech tragedy & in other similar situations. Data privacy did not stop fiduciaries from action. Legal requirements or policy did not stop permissible sharing of critical data.

Data privacy is about reasoned and intentional sharing of information that adds value or prevents harm. Data privacy--ie sharing-- is how we share our HR data to get paid and to recognize excellence. Data privacy-- ie sharing-- is how we delight our customers with great service and by inventing products and services that solve their problems.

There is a time, place & reason for rules and regulations. YES, they need to become harmonized so that it is easier to follow them. To be sure, they can be difficult and confusing and sometimes too heavy handed. They can be used as commercial tools by governments who may not always have pure motives. All realities that require action by data privacy policy & practitioner folks.

There is also a time, place & reason for policy that helps organizations make sense of legal requirements and tie practices and tools into a system designed to serve and to do no harm.

There is also a time, place and reason for people to use systems that contain information about people with wisdom and discretion. Sometimes those people need to share that data to prevent harm or to actively bring about good.

That's what data privacy is.

I got a little excited here, but please see Ann's letter below.


-------- Original Message --------
Subject: Ann Cavoukian letter to the Washington Post

I applaud Commissioner Ann Cavoukian (original author of this statement deleted to protect his privacy, but I agree.):

The Laws Didn't Fail

Monday, September 10, 2007; Page A14

Regarding Marc Fisher's Sept. 2 Metro column, "When Privacy Laws Do More Harm Than Good":

Privacy forms the basis of liberty. The problem lies not with the laws but with those who fail to disclose needed information when required.

Privacy laws allow for the disclosure of information in cases involving the health and safety of individuals or the risk of serious harm. I issued a fact sheet (see http:// to clarify this point and identified circumstances when personal information could be disclosed under Ontario's privacy laws, which I oversee. It is similar in other Canadian jurisdictions.

In the United States, both the Health Insurance Portability and Accountability Act and the Family Educational Rights and Privacy Act also permit the sharing of information in situations involving imminent threats to health or safety. For students this could include elements of threatened suicide, other threats or unsafe conduct. The Privacy Act has a provision allowing for disclosure in compelling circumstances.

To infer that privacy protections were responsible for the events at Virginia Tech is to completely misunderstand the role that privacy plays in preserving liberty. The tragedy lies with the default -- in this case, of nondisclosure and inaction -- not with much-needed privacy laws that uphold our rights and freedoms.


Information and Privacy Commissioner

Province of Ontario


Monday Aug 20, 2007

What a CPO does when she's not CPOing-- Blog for the cure for MS

Hello Privacy folks,

While I fully plan to talk all about the millions of ideas that my various trips to China, Redmond, Traverse City & Canada this summer have sparked... today's entry is not privacy related at all. But you may end up feeling better for having read it & doing something about it.

As many of you may know, apart from data privacy, one of my great passions is in contributing funds to research to unravel medical mysteries and to contribute to programs designed to bring comfort to families impacted by health issues beyond their control. This year some of my favorite folks at Sun Microsystems have teamed up to form Team Sun to share our passion for making the world a better place & to participate in a bike tour to raise money here in Northern California.

Every hour of every day, someone is diagnosed with Multiple Sclerosis (MS)-- MS is a disease that impacts the central nervous system resulting in a variety of frightening and unpredictable symptoms.

That's why I registered for the MS Bike Tour, and why I'm including the link should you find yourself wishing you could support our fund raising efforts with a tax-deductible donation.

The National Multiple Sclerosis Society is dedicated to ending the devastating effects of MS but they can't do it without our help. It's faster and easier than ever to support this cause that's so important to me.

You can either follow the link at the bottom of this message or, if you prefer, you can send your contribution to the address listed below.

Any amount, great or small, helps to make a difference in the lives of people with MS. I appreciate any and all financial and moral support and look forward to letting you know how I do.

P.S. If you would like more information about the National Multiple Sclerosis Society, how proceeds from the MS Bike Tour are used, or the other ways you can get involved in the fight against MS, please visit

My personal page:

Page for Team Sun:

National MS Society · Northern California Chapter
150 Grand Ave, Oakland, CA 94612

Now if I could only get in shape to actually ride 110 miles!! Egad.

Tuesday Jul 24, 2007

The Network of You... & Me

(This started as a small thought-light but I got a bit excited...)

Remember when Seinfeld was at the height of its popularity? When we all gathered around to find out what was the next great ta-doo about nothing? Well, that was something.

I have been doing a lot of thinking about what it means to gather around & talk about nothing & how all that talk adds up to something else again & how we can identify that something as community. When that talk isn't just about nothing, but something to me & shared with something you care about too or when all that talk solves a problem for us, those are double bonus communities.

Enter the age of the Network of YOU.

We-- our virtual water cooler, but actual community-- have figured out that The Network is the Computer. That millions of people begin computing for the very first time each day, day in & day out. That content is driven into this Network by individual people from all points on the globe & even by a few floaters up there in orbit. That people from all different cultures, backgrounds, & even with wildly different skills in technology (note the distinct lack of cool graphics or links-- I need fancy blog class 101) contribute their bits & bites to create something entirely new.

This is the Network of YOU.

If it is true that the Network is the Computer, it must also be said that It is a Network of People Computing.

This is BIG people.

Big beyond user driven content in that all this driving may be getting us somewhere valuable...or dangerous.

This also means that the Network has to contain some ethics, some respect, some rewards for good behavior and accountability for bad if it is to continue to solve very human problems and support a very human community. Where particular corners of the Network can be attributed to particular humans, data privacy becomes something far too precious not to protect, to fight vigorously for & ultimately to solution-share, expand, build & nurture.

With all these people computing, we, the Network of You (& Me), must continue to pursue solutions to challenges like:

Harmonization of Rules & Regulation: where no one jurisdiction governs the entire global Network of Computing humans, we must work to create rules that can be followed, that create stability & create protected & respected global data flows while remaining flexible enough to respect local culture and expectation.

Infrastructure & Interoperability: where we recognize that data about individuals can & will flow across technology infrastructures (Step one) & put our collective innovative thinking caps on to allow interfaces that work to protect connection rather than opening gaps ready for exploitation (Step two) & further figure out a way to manage to get rid of data about individual humans that no longer serves to create value but only to harm.

Governance: where we as individual 'owners' of a piece of this Network of You (& Me) start to expect better levels of respect, where we do not leave "governing" to others but take ownership of our own personal activities in gathering, sharing & deleting information about ourselves & others and where we do not exclusively rely on some piece of magical gear to take the place of thinking, planning and communicating. I suppose that brings us back to the Network to start to look for solutions...

Just a thought & perhaps the beginning of a really important new conversation about the root solution to the old problem of privacy & data protection I would very much like to continue with the Network of You...

It's NOT just about lost laptops and criminal behavior. It's NOT about big bad business or government. It's not about someone else. It's about you...and me.

A few thoughts...

Tuesday Jul 10, 2007

Finders Keepers

I found my Java smartcard!

I was picking up the playroom this morning at an ungodly early hour today & discovered my long lost Javacard. My 5 year old put it in her doctor kit because she wanted to be sure that when Dr. Dennedy goes to her fictional hospital that she would have "a key to get in in the morning & so that everyone knows that I am the one who knows what to do to the sick people." She was even walking around to doors and saying "BEEP" before going in.

Her sister apparently did not meet the appropriate access level for the doctors office-- she was a patient & had to wait for treatment.

Ah the joys of motherhood. That moment when your child realizes the value of symbology for authentication, role based access & presents a proximity reader use case....sublime.

Tuesday Jun 26, 2007

Get Prepared

This is geographically limited to the Bay Area, CA, USA but the message is universal. Get prepared for the unexpected.

Part of getting prepared for data disaster is getting prepared for more traditional disaster as well. That is just about the only data protection or privacy tie in for tonight's thought. If you're looking for a privacy specific update, please wait a few days. I just returned home from Beijing and I am leaving for Michigan at 5:00am local time. I've got some stuff in my head that will have to stay there until next week when meeting-palooza is completed.

For tonight, a free free free class offering disaster preparedness training. If you haven't made your family & business group plan yet, do it. Be ready for anything. The following was sent to me by the City of San Mateo-- I had no other relationship to this group than that, but it looks like a great idea. Check it out & judge for yourself if you would like to participate:


Are you and your family ready to respond following a major disaster in the Bay Area?

Here is an opportunity to learn how to perform basic disaster skills from the San Mateo Fire Department. During the six week course, participants are trained in emergency skills that will include earthquake preparedness, disaster response, basic disaster medical care, light search & rescue, firefighting, damage assessment and response team organization. The final class will enable participants to practice these new skills during a hands-on drill at the Fire Department Training Center. Safety Equipment will be provided to all participants upon graduation. Please wear comfortable shoes and clothing to class. For more information, please call 522-7960 or visit

Course is FREE and open to adults 18 years and older, everyone is welcome.

July - August session

Course #: 36804

Location: Silicon Valley Community Foundation, First Floor Conference Room, 1700 South El Camino, San Mateo

Day / Time: Course meets five Wednesday nights: July 18, 25, August 1, 8, and 15 [2007] from 6:30 to 9pm

The last class will meet on Saturday, August 18 th , 9am - 3pm at Fire Station 23.

Think about privacy in safety...

Wednesday May 30, 2007

Don't Be a Loser

Like the flowers cropping up everywhere or perhaps the pollen triggered allergy attacks, the spring seems to have brought with it an abundance of data overflowing everywhere. You can't open a paper without seeing tales of woe about badly configured files or broken processes allowing fraudulent access and laptop losses cropping up all over the globe.

I myself have recently been tormented by the recent loss of my Java smartcard that serves as both my access to my work facilities and as my workstation access card for my Sun Ray thin client. (If you haven't checked out these little beauties, you haven't really started thinking about governance yet, but that's another topic for another day when I'm not so grumpy that I've lost my card!!)

I have dug through suit pockets and handbags, briefcases and cars all to no avail. I even checked the diaper bag juuuust in case I had a moment & mixed goldfish crackers with secure authentication. Now, if you have ever tried to navigate a secure campus without an access card you will understand why I have come to the following conclusion:

It's official; I am a loser.

Fortunately, in this case, I am of the relatively harmless variety. In true loser form, sure, I am ticked that I must drive down to the nearest Sun badge room to replace my all important access device. (Said badge room is in just about the least convenient location possible with limited openings that are all within the prime meeting witching hours.)

But, and most importantly, whomever finds my Java smartcard in Peet's coffee or on the playground or in some obscure conference room possesses only a goofy picture of me & a cool Sun logo-- no access to my workstation, applications or to the data for which I am a fiduciary.

I am a loser of plastic, not a loser of data & that has made all the difference to me.

If you must use a fat client (or tell yourself that you must because you feel lonely without your laptop), save only data to that device that you can lose. Public presentations-- okay loser; Financial, HR or other personally identifiable data-- BAD loser.

If you find that you have lost or have had your device stolen, run-- do not walk-- to your privacy and security teams. Speed is your best weapon to prevent harm when data goes wandering free. (If you don't have p & s teams, you really must get started. Switch off that 8 track & get with it already.)

Encrypted hard drives and secure applications are dandy, but a laptop or other fat client with no data is better and a 128-bit encrypted Javacard is divine.

Do your part to keep data pollution out of the air this spring.

Saturday Apr 28, 2007

What's user centric about systems that aren't centered around...ummm... the user??

We've been hearing the latest catch phrase "user centric" from just about everyone & their little dog Tim.

What does this really mean anyway? I suspect much poo flying about.

If you sell me a little card that holds my fingerprint & I present it to a supermarket who has decided that fingerprint authentication is the only way to be certain how many gallons of milk I buy, is \*that\* centered on me or my privacy? Of course not!

Vendor centric, perhaps. User centric, rarely, if ever given the current state of things.

User centricity is actually all the boring privacy geek stuff that happens to secure the entire data chain, not just the edge authentication piece & not just when it makes it easier for someone else to collect my persona elements.

User centricity says no to over collection without appropriate justification & transparency.

User centricity follows a decent document destruction schedule even where eDiscovery rules seek to throw a monkey wrench in the works by seeming to mandate saving every dot of data juuust in case.

User centricity is more than a card, a directory, a container, a thin client, a smart storage device or a what-ever-you-want-it-to-do-server. It's all this stuff architected together with a reasonable business case & good outcome for users & system owners, a good dose of common sense and a hefty industrial sized dose of giving a darn about the personas that pass by & thru these systems.

Watch for this "New & Improved" identity product catch phrase-- much of it's a load of balderdash at best, BS at worst. Stick in the fingerprint card into a system that wants more data than it needs but won't give you the service you want unless IT gets what IT needs, & you, the hapless & largely helpless user will know that this thingy certainly ain't centered around you!

Just a thought on a heat wave April night...

Thursday Apr 12, 2007

Goodbye Mr. Vonnegut

"Hello, Babies. Welcome to Earth. It's hot in the summer and cold in the winter. It's round and wet and crowded. At the outside, babies, you've got about a hundred years here. There's only one rule that I know of, babies -- God damn it, you've got to be kind." Kurt Vonnegut, "God Bless You Mr. Rosewater"

Your words were your kindness, baby. Thank you Mr. Vonnegut.

Friday Apr 06, 2007

RESPECT all, TRUST 1.0 no one....Trust 2.0 me.

This is of the longish ramblingish variety, so be forewarned. I'm in a mood. Privacy geeks proceed & please comment. This one is a struggle for me...

So here's my soap box about the T word of TRUST.

So many other privacy kids are always talking about trust-- transactions happen because there's trust, systems are designed to create trust, consumers trust this, workers trust that yadda yadda yadda. TRUST TRUST TRUST.

Have you ever repeated a word so often that it no longer makes any sense? Trust trust trust.

How do I \*do\* that? How do I \*lead\* that? I can be trustworthy but being trusted or \*starting\* with trust as though it were an obvious ingredient is something entirely different.

This bothers me. The current use & overuse of "Trust" is imprecise and not all that actionable. So, I've tried to mentally break this down a bit here.

There are 2 kinds of 'trust'. The "I have to" (Trust 1.0) kind and the "respect borne out of good and consistent treatment" (Trust 2.0) kind.

"I have to" says that you MUST trust me because I am your only option.

You are the only person on the mountain with a length of rope & my choice is participate in the getting hoisted up activity or drop down the mountain & splat. Neither are very good transactions over time even if you may be grateful that the rope person saved your onions-- he or she may still be a twit who provides bad service.

In the digital world, you may "trust" this service/ gear provider because you may really need to make a spreadsheet, for example. The fact that the means to make that spreadsheet makes your computer crash now or in the future or exposes your other stuff to bugs or hackers is the choice you must make because failing to produce that computer assisted output means you lose your job in a financial splat. Or you just don't get to do fun & entertaining stuff like all the other cool kids-- a social splat if you will.

I trust 1.0 because I have no other choice.

Now the second brand of Trust 2.0 on line is the kind we all are trying to achieve & the kind to which most folks are trying to refer to with that word.

It is a concept aimed at making our users \*feel\* something or \*experience\* something subjectively so that they will come back to us again & again or will tell their friends about us again & again.

Trouble is that subjective feelings on the part of others isn't exactly actionable to a bunch of rabble that gets to say "we are the trusted solution" because you can't break down that subjective measure before it's broken itself down-- back to the 'trust me, I have a rope' model.

SO, in my opinion (not shared by many, but I have been thinking about it for quite a bit), we need to break down the actions and parameters and as much of the objective activities that need to happen that are likely to lead to the second variety of "respect borne out of good and consistent treatment" Trust 2.0 kind.

This is more in line with the concept of RESPECT & good manners (ie, rules/ standards) on line. We can measure these concepts, audit their presence or absence & improve over time. We can't get better at making others have emotions.


First, these concepts allow for a continuum of activities that happen over time-- a key element of trust.

I liked my husband when I first met him; he was smart, pretty cute & seemed to enjoy putting up with my weirdness. Like & respect were not the same as Trust. 11 years later I know what he's all about, I usually know how he is going to generally behave & that he's here for the long haul so I trust him. Our brand of trust has grown over the years to create a new variety. Same thing happens in all of our other relationships. I can also trust that other people in my life would, given the chance, always treat me like rat turds. I trust them too & know what to do if they get near me, ie run like hell & don't look back.

Time audits itself in a sense-- bad stuff happening? Check. good stuff happening? Check.


Second, for trust to fit into the second, Trust 2.0, variety, both parties need to understand what the context is, why they are there & what will happen (or won't happen) if they come together to participate in a transaction.

If I am back on that mountain again, transparency can be simple-- looks like a good rope & a person strong enough to haul me up.

In an on line transaction I'm not just talking about Ts & Cs (although those might help with clarification). Notices that say things like, "this is an international organization, so your data may move across borders, but will be given a consistent level of protection wherever you are on the planet" or present the user with an open box for an email address where there is an on line newsletter on offer.

The notice can be small where things are obvious & must be larger (or clear & conspicuous if you want to get all FTC on me) where something non obvious, outside of the norm or unexpected may occur. (Informed Consent a la 100 years of jurisprudence.)

For example, when Sun workers leave a Sun internal workspace, they may have the link presented to click on a third party vendor site that has its own branding and its own linked policies. The notices, logos & other branding on that landing site set the expectation that the worker is now transacting services outside of Sun's direct control.

We can audit whether notice was presented even if we can't audit whether it's been understood. (That's a tricky item we can virtually discuss another day.)


Third, standards are the red haired stepchild of Trust 2.0 in that they really don't get the attention they so richly deserve. Standards are the good manners of transacting business or coding that make the transparency of the interaction and the constancy over time so much easier to achieve & understand.

In the US, when you approach another person at work, extend your right hand & that person will know what to do. You have made a signal that you are friendly, willing to do business & that you know at least some of the context to be able to put others at ease to open a communications channel. That's a tall order for a simple handshake, but it works.

We also drive on the right side of the road here or heavily mark up the 'one way' street if we deviate from that standard. Commerce happens on top of those simple rules & we initiate new users to participate on that platform over time. (Time is important, after all!)

The easiest exemplar "standard" in on line privacy is the humble asterisk \*. If it calmly sits next to a text box-- sometimes it's even dressed up fancy in red-- the user understands that he or she must put something there or he or she will hit a digital wall.

The further standard of where & how email addresses are used to communicate on line helps things along as well. I can choose to lie or give out a piece of PII of lesser value to me (my hotmail email or other designated spam box, for example) if I haven't learned to Trust 2.0 yet but I still need to hand over \*some\* PII to get what I want.

The more complicated standard is, of course, less easy to understand in this Trust 2.0 context.

Technically we hope to lead, cajole & convince many organizations to separate their data into rational groups and only share that which is necessary to perform the value added service & that which is expected & agreed to by the user. (containers, role based identity suites, federated liberty standards, thin clients & the like.)

When the system design & execution does this, systems can interact in a predictable and expected fashion. They can be secured with some level of assurance (not perfectly because there will always be smart bad people too), but with enough assurance that all the smart good people are working to untie (& untie again & untie again) that particular Gordian Knot.

We can audit whether these are used or how they are noticed when there are deviations.
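A worked illustration of that separation, added here as an example and not code from Sun or from this post: a toy identity provider holds a worker record split into data groups, a release policy maps each relying party's stated purpose to the attributes that purpose actually needs, the groups the worker has consented to gate what may leave, and every request for anything beyond policy or consent is written to an audit trail so deviations can be noticed. The sample record, the purposes and the policy are constructed for the example.

```python
"""Minimal-disclosure attribute release with an audit trail.

Added example, not Sun's or the author's code. The record, purposes,
policy and relying parties below are all hypothetical.
"""
from dataclasses import dataclass, field
from typing import Dict, FrozenSet, List, Optional, Tuple

# Constructed sample worker record, partitioned into data groups.
WORKER_RECORD: Dict[str, Dict[str, str]] = {
    "identity": {"employee_id": "e-10042", "display_name": "A. Worker"},
    "contact": {"work_email": "a.worker@example.test", "home_phone": "+1-555-0100"},
    "payroll": {"bank_account": "****4321", "salary_band": "L4"},
    "health": {"benefits_plan": "PPO-2"},
}

# Release policy (hypothetical): the attributes each purpose is entitled to.
RELEASE_POLICY: Dict[str, FrozenSet[str]] = {
    "newsletter": frozenset({"work_email"}),
    "payroll_vendor": frozenset({"employee_id", "bank_account", "salary_band"}),
    "benefits_vendor": frozenset({"employee_id", "display_name", "benefits_plan"}),
}


@dataclass
class AuditEntry:
    purpose: str
    requested: Tuple[str, ...]
    released: Tuple[str, ...]
    denied: Tuple[str, ...]
    reason: str


@dataclass
class Idp:
    """Identity provider that releases only what policy and consent allow."""
    record: Dict[str, Dict[str, str]]
    consented_groups: FrozenSet[str]
    audit_log: List[AuditEntry] = field(default_factory=list)

    def _group_of(self, attr: str) -> Optional[str]:
        for group, attrs in self.record.items():
            if attr in attrs:
                return group
        return None

    def release(self, purpose: str, requested: List[str]) -> Dict[str, str]:
        allowed = RELEASE_POLICY.get(purpose)
        if allowed is None:
            # Unknown purpose: release nothing, but record the attempt.
            self.audit_log.append(
                AuditEntry(purpose, tuple(requested), (), tuple(requested), "unknown purpose"))
            raise PermissionError(f"no release policy for purpose {purpose!r}")
        released: Dict[str, str] = {}
        denied: List[str] = []
        for attr in requested:
            group = self._group_of(attr)
            if attr not in allowed:
                denied.append(attr)  # over-collection: outside this purpose's policy
            elif group is None or group not in self.consented_groups:
                denied.append(attr)  # worker never consented to this data group
            else:
                released[attr] = self.record[group][attr]
        reason = "ok" if not denied else "deviation: attributes outside policy or consent"
        self.audit_log.append(
            AuditEntry(purpose, tuple(requested), tuple(released), tuple(denied), reason))
        return released


if __name__ == "__main__":
    idp = Idp(WORKER_RECORD, frozenset({"identity", "contact", "payroll"}))
    print(idp.release("newsletter", ["work_email", "home_phone"]))
    print(idp.release("benefits_vendor", ["employee_id", "benefits_plan"]))
    for entry in idp.audit_log:
        print(entry)
```

In the run above the newsletter gets the work e-mail and is refused the home phone, and the benefits vendor gets only the employee id because the worker never consented to the health group; both refusals land in the audit log, which is what lets a privacy team see over-collection as it happens rather than after the fact.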


Fourth, we will mutually agree what is good, kind, likable, valuable &, as a community, will decide what is unexpected, fraudulent or destructive to assets.

We can audit whether these happened or not once we decide what they should look like.

GOOD MANNERS x STANDARDS x TRANSPARENCY x TIME = T R U S T...maybe. The customers & users control how they subjectively \*feel\* about it.

GOOD MANNERS x STANDARDS x TRANSPARENCY x TIME = RESPECTFUL TREATMENT. Definitely. We control the factors that lead to a more objective, reasonable standard.

Bubble bubble. I've slipped off my soap box. I realize it's a nuance, but I think a productive one!!

BTW to my friend who set off this particular rant, I've made this discussion anonymous & have thrown it out to the blogosphere because I feel pretty strongly that we've all been talking around the right thing & using the wrong words. I also believe the lexicography can lead to action.

Just a rambling thought...



