Tuesday Jan 26, 2010

The Reilly Minute

So I haven't started personal blog apart from Big Corp. just yet but I invited my 8 year old daughter to participate by writing a bit in a feature she named "The Reilly Minute". The rules are that there are no stupid potty jokes but nothing else. (I must reserve \*some\* content to myself after all.)

Her first installment written in her journal & shared with her full permission explains exactly why I think she's such a cool little bird. Here it is-- with a few spelling corrections:

"What To Do For Haiti

We should donate food, water, toys, money and medicine. We should adopt children and treat them well. If they get teased, help them. Don't spoil them. But if you don't have any children, you have more opportunity to get one. The least you can do is donate a jacket to keep a grateful child warm."

Yes, Sun we delisted Sun today & I feel very sad about that. But, all in, I'd rather send a jacket to a grateful child than worry that the footprints of the past may fade. Full speed ahead & hurrah for The Reilly Minute!!

Friday Jan 22, 2010

And Away we O...

So, we've come to an end and back to a beginning once again.

I'll have more to say in the coming week but there is a path forward for me & I'm sooooo ready to continue on working with engineers, ops people, academics, journalists, human resources professionals, lawyers and even sociologists & teenagers to build a better, more secure information world for myself, my family and for you.

I respect the power of information to impact our culture, our commerce and our community with others. We must build in as many technical mechanisms, craft sustainable & living policies that reflect our desire to build and protect rather than block & hide, and preserve our ethical drive to respect IP and PII as the critical assets they should be.

In short, my logo & paycheck may change but my mission will not.

We will not falter & we cannot fail. This is just too big.

Just an obscure thought,

Signing off to visit hopefrhaitinow.org to do the Dennedy's bit to respect the people who would like to continue creating PII for many years to come.

Wednesday Oct 07, 2009

What \*is\* the Cloud?

It's been a while & I've been very busy indeed. I hope to share a good bit of the concepts I have learned & the ideas that I have about governance in an extended computing context. Today is still not that day but I did get some great silliness from my buddy that I must share:


What is the cloud? Magic carpet with laptop in hand? Not really, although we did think technology would have advanced to the point where we \*could\* fly at this point. (Thank you Carrie's hubby: http://www.kqed.org/epArchive/R909080737)

Is it merely a buzzword for stuff we've already done for years? Ahem, some who may be richer than a few of the Pharohs may say it's so but that rant itself may turn out to be buzz too... It's a strange new world so I'll just not go there today.

This thing is that a resource that \*may\* be capable of
- recapturing the 80%+ of wasted computing cycles,
- may actualy trigger a meaningful federated ID strategy with meaningful RBAC,
- may force a discussion regarding ownership, retention and juristdiction,
- and may just allow faster information rich businesses to escallate using technology rather than being limited by capital start up costs for servers & networking gear

certainly catches the imagination doesn't it?

Maybe it's not a new new innovation, but rather the culmination of the Network is the Computer. From where I sit as a governance geek, not entirely unheard of is good. Capable of well planned architecture to provide audit, accountability and authenticity is nice. Understood governance and security and privacy governance models applied in a slightly more innovative business environment is good too.

Maybe the Cloud is just a good idea we've all had for a long time that has had time to become real.

I still wish we could fly.

Just a thought...

Monday Aug 03, 2009

Our Very Own Olympian!

This week is a particularly exciting one for Stanford University as it hosts the 2009 National Senior Games.  http://www.2009seniorgames.org/sports-track-field

You have to be 50+ to compete.  I am 40 something and sitting at my desk makes me sleepy.

If you happen to be in the 70-74 category in discus and shot put, and you happen to be my best friend from college's mom, Rita Matz, you just may be one of my heros.

My family is particularly honored to be hosting Mrs. Matz & her daughter, (who also happens to be her coach and a champion in track & field in her own right back in the day) this week.  We will be cheering from the sidelines with all our might.  The ladies Matz will be staying in the very finest Pepto Pink suite in our home, as ceded by Miss. Thang for the occasion.

Wherever you may be and whatever your feelings on cloud, identity, privacy or respect for information about humans, stop for a moment and give a cheer for Rita Matz, my favorite Olympian. 

Tuesday Jul 28, 2009

Just makes sense to me

Just a quick blurb from an exchange I was having with a very smart privacy diva that was worth sharing:

Data is an asset.  You know.  I know.  CPO's know. Some CISO's know.  soooooome lawyers know.  Greed is an

excellent motivator that is not antithetical to ethics & this notion may be the primary way forward in these challenging times.  The Cloud only serves to amplify this simple fact.

Fact is, Grace Hopper was right.  Data ultimately will be on the balance sheet as it generates predictable outcomes and can be associated with profit or failure.

How to measure it?  How to audit your Cloud provider to be sure they make a good accounting of it?  This is where the normative value of best practices & standards will help us.  This is where GRC measurement tools are critical.  (By the way, in my mind "Governance" inherently includes "Compliance" and "Risk" but the acronym does persist so there you have it.)

I am very interested in being a part of these threads coming together to create something so practical and irresistible that it will seem obvious to the naysayers.

Just a thought while I procrastinate some more...

Friday Jun 19, 2009

Proud Momma Keep on Rollin'

Not info. governance/ cloud/ privacy today.

A peer review from Miss Thang's classmates for the end of the school year:

You are funny... like the time you licked your glue.

It's fun to be your partner at P.E.

You are nice and make me laugh.

You have good sense of humor.

I like that you don't quit things.

I'm happy that you're in the tree with me and not destroying my room.  {Note from the editor-- huh??}

I like how you never give up.

You're nice, respectful, and a good friend.

I can always trust you.

I love your jokes.  They're hilarious.

You're always doing nice things.  In games you're a good sport and never cheat. 

I like your funny jokes.

I think it's really funny when you chase boys.  {Note from the editor-  gulp}

You are friendly.

You tell funny jokes that I laugh at.

You never argue with me.

I really like how you always help the situation.

Okay, so I would have like to have seen "Miss Thang is the smartest person in the class & her mother is clearly the best ever" but all in My little buttercup rocks.   She deserves a safe cloud to manage data in an extended information management environment.  So does Miss Sweet Cheeks.  I think I'll go help build it...

Friday May 29, 2009

Great Read for Fun for Cloud & Info Geeks

Please read "Snow Crash"  by Neal Stephensen.  See http://www.booksamillion.com/ncom/books?pid=0553380958

SO worth it even if you're not particularly a sci-fi fan.  I won't ruin it for you but the Cloud implications and data protection implications online and off are at once subtle and right up in your face.

It's becming a bit Catcher in the Ryeish for me as I read it before I came to Sun when I mostly cared about medical device patents, again when I entered Privacy Nation, and I was thinking about picking it up again because the Cloud is so obviously implicated.


Remember the ACLU's Pizza Delivery guy call demonstrating data proliferation several years ago?  http://www.aclu.org/pizza/images/screen.swf

That the protagonist in Snow Crash is a pizza delivery dude makes it all the better.

 While we're all feeling nice & literary this fine Friday evening, I started in on Dan Geer's latest security as a business proposition book.  The "Info on the Balance Sheet" from Rear Admiral Hopper quote is on page 42...  Coincidence?  I think not.  I am love love loving it.

This is the book I imagined I could write one day, only I didn't imagine writing it this well.  (Funnier, perhaps.)  The title is Economics & Strategies of Data Security.  That I am reading it before digging back into Neal Stephensen's world again is probably telling.

 Note to self, get babysitter & go out from time to time...

 Nighty night Hackers!!! 

Tuesday May 12, 2009

Team Sun Rides on!!

This is not an information governance entry but something that is important to this information governance geek.

So, I was riding along at 5:45 AM & these two little guys roll down the window of their Prius & shout, "GO SUN!!!  We love you!!!".  Granted, I nearly fell off my bike from shock, but, once recovered, I looked down at my bike jersey & finished the rest of my ride with a big happy grin.  It \*has\* been fun here.  Team Sun the Multiple Sclerosis fightin' biker warriors make me happy too.

Here's some info for you so that you can join Team Sun for at least one more ride:

Bike MS: Waves to Wine Ride 2009 - Sept. 12th and 13th

New in
2009: We’ll be starting from the UCSF Mission Bay Campus quad.

MS:  Waves to Wine Ride takes you on an unforgettable two-day journey
from San Francisco up Highway 1 to Healdsburg in Sonoma County. More
than 1,700 riders will cruise along scenic roads riding anywhere from
50 to 175 miles. Six full meals, generous amenities, stunning
landscapes, stocked rest stops every 12 to 15 miles at spectacular
sites, and spirited festivities that include music and a beer garden
are all included.

This is the link to my page (got my money & my cycle where my mouth


This is the link to the Team Sun page:


Thanks everyone!!!

Wednesday Apr 15, 2009

A little love for Fordham Law School

The US News & World Report is soon to
issue it's Law School
rankings.  This issue is always met with much discussion in my house as
my husband attended the country club Stanford Law School which
pitter-pats back & forth with Harvard for the #1 spot each year. 
(I still have to explain how the 4th amendment actually works when we
watch Law & Order.  He kicks my butt when it comes to leveraged
buys outs but outing him where I can is always good sport.)  ;-)

 I had much more humble beginnings as a
night school law student at Fordham Law School in the heart of New York
City where I was able to keep my job and attend night classes.  I was
also able to act as Summer Clerk to the Hon
M. McLaughlin (which is a clerk to the clerks kind of job where the pay
is zero, the experience is priceless and the clerks have remained great
friends and supporters.)

Fordham's night program is about to be ranked as #3 for
evening programs & I couldn't be more thrilled.  Fordham's
commitment to service and leadership through respect and service to
those led shaped and guided me as a young woman trying to make it in
the big city. The education I received there from fellow classmates
& faculty guides me today.

Great to see some good things coming to good people!!

Just a rah rah & a thought today...

Thursday Apr 02, 2009


Was it Alice in Wonderland or Willie the Pooh who observed "curiouser & curiouser..."?

Thursday Nov 06, 2008


I can't say anything yet.  Next week Sun's bringing on more information asset/ privacy enhancing capable cool stuff.

Change has come to the data center.

also a new service that I can't talk about 'till next week.  If you
have data anywhere in your enterprise, you need this service.  It will
sound not huge, but it is. 

So is deodorant.  

Tuesday Nov 04, 2008


Nothing at all to do with privacy today.

I am \*almost\* tempted to break my own rule about not publishing pictures of my girls online to post a picture of Miss Thang, placing my absentee ballot in the ballot box this morning.  She woke up at 5 am all excited & said "IS IT TIME TO VOTE FOR  xxx?!"

At 7am, we cast our vote for the future. I wore my red cole haans (my only tip to luxury items) & she wore silver sparkel shoes, a Red white & blue star covered T-shirt & US flag design baseball cap with her beautiful pony tail hanging out the back & a smile that I'll never forget.

Whomever they may be.  Let's hope the new team in the US gets it together to lead us out of this mess.  We have a fresh chance. 

Wednesday Oct 08, 2008

Data Classification & Thick Ankles

So, one of the best things about my Data Asset Management job (love that DAM job) is that I get to talk to really really really smart, creative & brave people.  I lunched with one of those today.  Sun acquired the company that he founded & where he worked as it's CEO.  Now he works with me & boy are we going to have some fun!

We were discussing various issues in the data world, including Data Classification.

Here's what I think about this little beauty that I like to call the enterprise version of the "Why don't I have Cindy Crawford's booty?" problem.


I would love love love if every bit of data was metatagged at it's collection & further tagged with an expiration date.  How I wish I had a backside that looks like a fashion model after \*she's\* has a couple of kids.  (Hey, I'm not \*that\* mean to myself!)

 Here's the thing.  I love donuts.  I ride my bike all the time but I travel all the time and, well, I love donuts.  I'm also genetically only 5'6" with legs that only comprise about 2" of that.

 You have legacy data.  We all do.  We love to acquire companies, their customer expectations, policies, IT systems and their strange data & data habits along with their people & technology.  (That's how we acquired this very very cool new company and, my new buddy.)

You also are not stopping to take the time to classify your data comprehensively all the time.  You're not.  If you \*think\* you are, we're having a rather large sale on free downloads for a billion dollars per download-- just kidding legal people. ;-)

Data classification is a bit like cutting down on donuts or taking up exercise.  I t will always help you build awareness and increase the probability that you are spending the right money on the right data protection problem.  BUT...data classification applied today is an investment in going forward over time.  It will take some hard work & discipline to make it a habit & eventually a healthy addiction.

Data Classification will not make you taller or prettier.  You need the rest of the people, process and technology all married to the appropriate culture to work that kind of DNA magic.  You can and should & may soon be legally required to do the best you possibly can to protect your data assets.  Your ultimate ability to compete will likely turn on your ability to leverage your unique information assets & classification is a part of that story.

Hmmm.  Wonder what will happen if I have a donut \*on\* my bike ride tomorrow...  I still won't have Cindy's booty, but I'm willing to take the risk.

Just a thought.... 

Friday Sep 12, 2008

We shall not fail nor falter

We shall neither fail nor falter; we shall not weaken or tire ... Give us the tools and we will finish the job.

~ Winston Churchill

Here's a little note from two of the many voices in my head:

Clean up your data centers & get rid of your excess data baggage. Invest in identity systems but think and keep thinking about why you deploy them in the first place. Embrace a cryptographer. Buy a Black Box. There is much to be done in the world of data asset management. We shall neither fail nor falter. We will continue to invent the tools and deploy the tools to finish the job.

In the interim, I am spending the weekend with over 1,000 of my pals cycling in the National MS Society's Waves to Wine bike tour to raise cash & awareness about multiple sclerosis. This disease stinks. We shall not weaken nor tire. We don't have the tools to finish the job. The meds we do have not only make you feel like a truck ran over you pretty much all the time but are expensive and a pure luxury for even those with great insurance. You can help. Kick start your weekend by donating to Team Sun.

Finish the job. www.wavestowine.org

Thursday Aug 14, 2008

Top Women of the Web

So, I was scrolling thru the Tivo menu the other night & I was all excited when I saw "Top Women of the Web" so I hit record & planned to watch it while I stretched out for my bike ride in the morning. I thought, "cool! Grace Hopper, Anita Borg, Mary Ann Davidson, Radia Pearlman...this will be just geeky great!"

Well, let's just say, the "top" Women of the Web were all certainly top heavy, but not necessarily in the cranium. I felt a little stupid myself for not even considering "top" women were bikini girls, but it certainly got me thinking about the Web, women & why we don't celebrate some of these important people more often. Men and women geeks have impacted our world to far greater measure than the media would have us believe.

Geeks of the world, UNITE!! Let's support each other, mentor each other & help our unique perspectives be heard just when our businesses and the planet need our talents the most.

Here are some of the folks that I would like to have seen in \*my\* version of Top Women of the Web (in no particular order & certainly not inclusive) All of them are icons in their own sphere, all of them have helped me smack down that stupid voice inside saying that I can't or shouldn't or won't:

1. Mary Ann Davidson, CSO, Oracle http://www.oracle.com/corporate/pressroom/html/pressportal/mdavidson.html

This lady is one of my personal heroes. She's a holistic thinker. She's a relentless and tireless security advocate. She's been
personally challenged by Larry the Reputedly-Not-So-Nice on many occasions & yet remains steadfastly Oracled. Her ideas about forcing the Universities that supply vendors like Oracle & Sun to train code slingers safe coding practices and systemic information assurance are bang on: http://blogs.oracle.com/maryanndavidson/2008/04/08/

Mary Ann is also a decorated former military officer. When Mary Ann kicks ass, I don't think it's a figure of speech & I wouldn't want to find out.

2. Sheueling Chang-Shantz, Distinguished Engineer in the Sun Microsystems Laboratories. In addition to being a traditional, it ain't done until the engineering is right & the slide show matches the facts kind of gal, Sheueling is one of the most approachable and ego- free individuals I have encountered.

When you have contributed as much as she has to putting big security in tight corners (amongst other stuff), you deserve to act like a prima diva and a strut a little. Instead, Dr Chang lets her achievements speak for themselves and her warmth invite dialog. I'm a huge fan of both brain & style.

3. Deb Reiman is a woman with whom I recently became acquainted. She manages an investment fund, was a former CEO for Check Point and sits on a number of public company boards. She's one of the business rock stars of the Web age and has been involved in shoring up the defenses of the brick & mortar companies as well as the newbies.

She was kind enough to sit down to breakfast with me one morning-- I wanted to discuss 'selling' data protection at the board level with a serial board member. We fell to chatting about life & work & she inadvertently helped me finally put to rest the 'am I being a good mother with tiny kids by staying with Sun and following my passion'? Answer: YES.

My kids need a safer world to live in. They deserve respect on-line and data integrity. I believe that every human has unique things to bring to the table. I can bring those things to work \*and\* remain close to my girls' hearts. It's a lot of work, but if Deb can do it & have a wonderful relationship with her uber successful kids, I can try & I will keep trying. Thanks Dr. Reiman. You were there when I needed you most & you were only a stranger until that day.

4. Lin Lee. http://www.sun.com/aboutsun/media/ceo/bio.jsp?name=Lin%20Lee Okay, cheap shot because she's actually my boss. But, before she was tapped to be the top honcho in my chain of command, she was already a trusted friend and ally.

Lin has Vision. Lin can take the worlds of engineering, politics, cultural differences and management styles, mush them all together, clearly articulate them & make it all feel like your idea. She is the rare boss who tells us to think Bigger, instead of the usual mantra of "calm down" "we've always done it this way & making waves won't help" or "stop dreaming about the impossible".

We need more Lins. Big ideas, and lots of support & freedom to chime in with more ideas. That's gender neutral cool. (We also need a better picture for her-- she's an uber babe & this picture of her stinks.)

5. Lile Deinard, IP lawyer & provider of couch, friendship and inspiration. http://pview.findlaw.com/view/3305139_1?&channel=LP
I had $50.00 to my name, a BS degree and no clue. Lile Deinard was already a partner in a prestigious New York law firm, a mother of 2 grown children and a friend. Here's what she said,"Michelle, every young girl must live in New York for some period of time. It's a place where the impossible doesn't even merit a turn of the head on the Subway." Sun's kinda like that too.

I add Lile here because one should never underestimate the power of a mentor or of allowing one's self to be mentored. I wouldn't have had the cash for a deposit & first month's rent without this lady's couch; I was able to hack through law school at night with her mental support; I have the thrill seeking desire to dare the impossible because I have been witness to her spirit.

You go geeks & top people of the web! I believe in you. Let's commit to doing a better job of supporting each other.

By the way, back to the Top Women of the Web-- which I actually watched in all my schlumpy glory. I don't get very excited by buying a new tech gadget like a phone or pda or by that many boobs, but I suppose it's a case of differing perspectives.

Finally, someone in house had a great idea of starting a meme chain-- name some of your Top People of the Web. I'm ready for some positive inspiration with perhaps a wee bit less Lycra...okay, maybe an abundance of fabric rather than the alternative...

Just a thought.

Wednesday Jul 30, 2008

The Best 4th Grade Education in the World

Tonight is a true life tale about the power of sharing personal details & reconnecting with people who help shape ones persona. The tie back to privacy is a bit thin, but it's there in fits & starts.

In the Network of YOU, data is shared-- and a risk undertaken-- with the hope, but not promise, that some reward will be achieved. DV > DR = Success.

We share our best efforts filling out tests & term papers for the reward of recognized scholastic effort. We can read alone or perform mathematics in secret & actually grow our knowledge, but learning from others and getting a grade are useful & valuable things.

Sometimes we share stuff just to have a certain level of catharsis but we don't really know if anyone reads or cares about our thoughts. The community of thinkers or of objectors can be a valuable thing too.

Still other times, technology, personally identifiable information shared & our actual/ real/ flesh & blood relationships combine & some really cool stuff can happen.

Put this posting into the Really Cool Stuff category:

So, I'm sitting in my office & trying to figure out how I will get to about 5 conflicting fall conferences & meetings all squished in & I have a nagging irritation in the back of my brain that I MUST call Drew C.

(Drew is, incidentally, a super smartie data valuation guy with whom I am currently conspiring to create something very very cool.)

From out of the blue, a got an email telling me that I've got a comment on my blog from my fourth grade teacher!!!!

Small world & cool internet moment & all that but, what makes this exceptional is that this was THE teacher in my life who first made a difference; the person who made me feel like being weird all the time actually made me kinda special; that just being myself & dreaming my own dreams was not just tolerable, but pretty great.

When I was in fourth grade, I thought that boys were 'yucky' & I told Mr. F. that this was so. He said, "I'll bet when you're a few years older that you'll feel differently."

So, never one to shrink from a challenge, I said that I bet him $5.00 that he was wrong.

He smiled & said, one day you'll grow up & get married. When that happens I will come to your wedding.

This may be why I don't gamble.

My family moved away the next year. I kept in touch with Mr. F, writing letters. A few years later one of my letters arrived containing $5.00. I had a mad crush on a boy named Ted. (Who never did know I was alive. Wherever you are Ted, that chubby brace faced dork 2 rows behind you in Mr Schneider's math class thought you were cuter than Hans Solo.)

When I was in college, Mr F shared those letters that he had saved for all those years with me. I was at a serious cross-roads again at that time & here he was again believing that I could make it-- the power of a great 4th grade education, after all, should never be underestimated.

I worked my tail off between undergrad & put myself through law school at night through a serious of odd & intense jobs & lost touch with Mr F. After I started practicing law, I had moved out to California & was planning to be married when I received a call from Mr F who had bumped into my mom & dad. He & his wife had retired (sort of-- he's STILL teaching part time after nearly half a century of encouraging kids like me!!) &, sure enough, he kept his word & he & his wife were there, grinning broadly as I walked down the aisle with my dad.

Insane law firm job, crazier still Sun job, house burning down & 2 kids & just plain old life later & I became so caught up in the day to day that I neglected to write to my favorite pen pal for many years. Until today.

Thanks to the Network, open communication practices & a really great memory of Mrs F to recall my maiden name, my favorite 4th grade teacher & I reconnected. We chatted for a while, I sent him pictures of my ladies & just got caught up. I cannot begin to express what a joy that is to me.

We as an industry & as a global community WILL figure out how to secure communications channels because we MUST. We WILL figure out how to measure out appropriate levels of authentication, and use of information with respect & trust.

Connecting to those who are near & dear should be simple. It's not. It would be lovely if we could collect all of our favorite people & our future favorite people & always be within walking distance. Not possible.

We can, should, must understand the Value that makes it worthwhile to take a manageable Risk to connect with the appropriate layers of confidentiality. We'll figure out how to keep the DV > DR.

Today, my personal equation is in balance. I may sound like a soppy bonehead weirdo on this blog but, among other things, the blogoshpere is keeping me grounded in the best parts of my past. Such is the power & the relevance of a really great 4th grade education from the best 4th grade teacher in the world.

Just a 1970's thought...

Tuesday Jun 17, 2008

Happy Father's Day

So, it was Father's Day this past Sunday here in the US-- a greeting card confection of a holiday to be sure, but a great day to stop & think about your dad. My girls can blog about their wonderful dad one day. This blog belongs to Daddy-- the geeked out, meta data, privacy & security, super sarcastic wise acre guy Dad who is \*my\* dad.

This is him: http://itresearch.forbes.com/detail/RES/1205249349_373.html

He's a smartie and a first gen privacy guy even though he would likely answer to architect or something of the sort. The cool thing is that he's been around the computer business since the punch card days & he knows many of the why's that we take for granted were built in the first place. If you think Miss Thang is hilarious, she's got nothing on my dad. Unfortunately he also periodically checks up on my blog, so I have to behave myself a bit. Perhaps he'll get a code name in future episodes...

Dad's first entrepreneurial exercise was in software that helped large mainframe computers do a "data dump". Old data was bogging machines down & causing them to malfunction or stop functioning altogether.

Here I sit, 30+ years later & what I'm working out today is how do we do enough data dumping to keep the assets driving value & dump those driving inefficiency & causing foolish risk.

Hmmm. I'd better call my dad.

Love you Poppa Finn! You are my inspiration AND you make me laugh. For what more could a girl ask? (Don't tell Mom I blogged about you first.) ;-)

Thursday Jan 31, 2008

Paperclip Career Advice

Some advice is just too good not to share. This is a piece of mind blowing advice from Rhonda MacLean who is currently the Director of Security for Barclays Bank. (See http://www.veracode.com/board-of-advisors/rhonda-maclean.html) She kicks butt on any continent. It has nothing to do with the substance of privacy but everything to do with survival in an amorphous professional career path in a brand new or undefined field.

I call it paper clip advice because once you see it, you may be tempted to think that it's obvious or so ubiquitous that it does not bear repeating. I wish I had invented the paper clip.

Here it is (& I quote): "Be the CEO of your own career."

That's what she said.

I've been thinking about this since she said it at the Executive Women's Forum last Fall. (This is a group that merits some discussion in another post-- it's for folks in the privacy, data management, security, risk, and compliance functions & I have found it to be a must do for my calendar.)

Since that time I have been taking stock- so to speak- of my stakeholders (both professionally & personally), my assets and liabilities, my unique characteristics that make my own personal enterprise valuable or able to trigger value in others. I have started to document things to honestly report to my stakeholders progress and areas where I need more assistance. I've started to think about overall goals, quarterly, annually, overall.

You get the picture. Run your career as carefully and in some ways objectively as you would run a company.

Has my stock risen? Perhaps only in my own reckoning so far, but the exercise in taking a hard look at what is & what can be and where my team needs to go to get our objectives met has been as useful in holding a complex challenge neatly in a consumable package as, well, the humble paper clip. Elegant, tidy and perfectly engineered.

Thank you Rhonda. You are an inspiration.

Tuesday Oct 30, 2007

"Just so you know, Mom"

Holy Cow! I'm just sitting here getting caught up on the daily fun & follies & we just had an earthquake here in Northern California. I'm not actually from here & they scare the ____ out of me. (Hubby loves the weather; I love hubby so here I sit & shake.)

So, time to blog a blog with thoughts on training. We all need to do it...often. We must ensure that our message is clear, audience appropriate and gives clear guidance. Training should be geared so that our fellow fiduciaries of the personal data asset know what to do when all is well & upon whom to call when things go wrong so that we may recover as smoothly as possible.

A note on that last point-- do not ever ever EVER think you are training to guarantee harm will not strike. You're not & you will be sadly disappointed to learn that life will happen & you will, at some point, experience a breakdown in people, process or tools that results in a hit of liability or only a near miss if you're lucky.

Nope, you train, plan, strategize & then train again to run as efficiently as possible and to fail as smoothly and gracefully as possible.

Wear your seatbelt, but have well maintained brakes, learn & practice how to drive regularly & prepare for the idiot with the cell phone & double grande latte supremo who can't seem to use his signals and simply \*must\* occupy your lane \*now\*-- a drivers manual and multiple choice quiz is not enough.

To top off the thought-- and because it's just a great momma story-- here's a bit of wisdom from my very sassy 6 year old:

So, Miss Thang was harassing her toddler sister (the one with the sugar sweet cheeks and scream like a wild banshee when provoked by said 6 year old)...again.

I had just stumbled in from a 12 hour day conversing with people with a privacy issue on most of the populated continents and was already on my last nerve & so not ready for "gimme that" "NOOOOOO" "Mooooom" "WAAAA!" (Repeat this sequence until your ears start bleeding & you'll get the picture.)

Insert Mom intervention to the effect of "Now girls, play nice." "Sharing is fun!" "Play nicely please" ... & other miscellaneous & largely unheard or heeded Character Building Training Stuff.

Finally, I turn to Miss Thang & tell her to get to her room & think about her behavior & how she planned to improve it so Mommy doesn't have to either have a nervous breakdown or agree to fly to Asia in coach again just to get some peace (or both).

(Accountability & consequences are supposed to be excellent training tools after all.)

My little lady gets halfway up the stairs, turns, comes running down & back into the kitchen, hands on hips with uptilted face to announce,

"Just so you know, Mom, you know when you tell me what to do & send me to my room to think about it? Well, I usually just think about it on the stairs. When I get to my room, I mostly think about other stuff & play with my toys."

She turned on her little heel & marched straight up to her room & likely gave not another thought to my training, her sisters toys or her crazy mother who was trying not to laugh so loud lest the Character Building Training Stuff be lost.

All I can think of are my friends in the field, HR, vendors & so on, marching forth & thinking of their data privacy & asset management training & NOT playing with \*their\* toys. Right?

A few random thoughts for a shaky pre Halloween night...

Tuesday Sep 11, 2007

Data Privacy is about what we share & how we respect others

Hi all,

There is some talk about data privacy being the reason for the VA killings this past spring or at least the reason for inaction to get the killer help & keep him away from other kids.

I absolutely agree with Commissioner Ann Cavoukian's letter attached below in this chain regarding the role data privacy laws played in the Virgina Tech tragegy & in other similar situations. Data privacy did not stop fiduciaries from action. Legal requirements or policy did not stop permissible sharing of critical data.

Data privacy is about reasoned and intentional sharing of information that adds value or prevents harm. Data privacy--ie sharing-- is how we share our HR data to get paid and to recognize excellence. Data privacy-- ie sharing-- is how we delight our customers with great service and by inventing products and services that solves their problems.

There is a time, place & reason for rules and regulations. YES, they need to become harmonized so that it is easier to follow them. To be sure, they can be difficult and confusing and sometimes too heavy handed. They can be used as commercial tools by governments who may not always have pure motives. All realities that require action by data privacy policy & practitioner folks.

There is also a time, place & reason for policy that helps organizations make sense of legal requirements and tie practices and tools into a system designed to serve and to do no harm.

There is also a time, place and reason for people to use systems that contain information about people with wisdom and discretion. Sometimes those people need to share that data to prevent harm or to actively bring about good.

That's what data privacy is.

I got a little excited here, but please see Ann's letter below.


-------- Original Message --------
Subject: Ann Cavoukian letter to the Washington Post

I applaud Commissioner Ann Cavoukian (original author of this statement deleted to protect his privacy, but I agree.):

The Laws Didn't Fail

Monday, September 10, 2007; Page A14

Regarding Marc Fisher's Sept. 2 Metro column, "When Privacy Laws Do More Harm Than Good":

Privacy forms the basis of liberty. The problem lies not with the laws but with those who fail to disclose needed information when required.

Privacy laws allow for the disclosure of information in cases involving the health and safety of individuals or the risk of serious harm. I issued a fact sheet (see http://www.ipc.on.ca) http:// to clarify this point and identified circumstances when personal information could be disclosed under Ontario's privacy laws, which I oversee. It is similar in other Canadian jurisdictions.

In the United States, both the Health Insurance Portability and Accountability Act and the Family Educational Rights and Privacy Act also permit the sharing of information in situations involving imminent threats to health or safety. For students this could include elements of threatened suicide, other threats or unsafe conduct. The Privacy Act has a provision allowing for disclosure in compelling circumstances.

To infer that privacy protections were responsible for the events at Virginia Tech is to completely misunderstand the role that privacy plays in preserving liberty. The tragedy lies with the default -- in this case, of nondisclosure and inaction -- not with much-needed privacy laws that uphold our rights and freedoms.


Information and Privacy Commissioner

Province of Ontario


Monday Aug 20, 2007

What a CPO does when she's not CPOing-- Blog for the cure for MS

Hello Privacy folks,

While I fully plan to talk all about the millions of ideas that my various trips to China, Redmond, Travers City & Canada this summer have sparked... today's entry is not privacy related at all. But you may end up feeling better for having read it & doing something about it.

As many of you may know, apart from data privacy, one of my great passions is in contributing funds to research to unravel medical mysteries and to contribute to programs designed to bring comfort to families impacted by health issues beyond their control. This year some of my favorite folks at Sun Microsystems have teamed up to form Team Sun to share our passion for making the world a better place & to participate in a bike tour to raise money here in Northern California.

Every hour of every day, someone is diagnosed with Multiple Sclerosis (MS)-- MS is a disease that impacts the central nervous system resulting in a variety of frightening and unpredictable symptoms.

That's why I registered for the MS Bike Tour, and why I'm including the link should you find yourself wishing you could support our fund raising efforts with a tax-deductible donation.

The National Multiple Sclerosis Society is dedicated to ending the devastating effects of MS but they can't do it without our help. It's faster and easier than ever to support this cause that's so important to me.

You can either follow the link at the bottom of this message or, if you prefer, you can send your contribution to the address listed below.

Any amount, great or small, helps to make a difference in the lives of people with MS. I appreciate any and all financial and moral support and look forward to letting you know how I do.

P.S. If you would like more information about the National Multiple Sclerosis Society, how proceeds from the MS Bike Tour are used, or the other ways you can get involved in the fight against MS, please visit nationalmssociety.org.

My personal page:

Page for Team Sun:

National MS Society · Northern California Chapter
150 Grand Ave, Oakland, CA 94612

Now if I could only get in shape to actually ride 110 miles!! Egad.

Tuesday Jul 10, 2007

Finders Keepers

I found my Java smartcard!

I was picking up the playroom this morning at an ungodly early hour today & discovered my long lost Javacard. My 5 year old put it in her doctor kit because she wanted to be sure that when Dr. Dennedy goes to her fictional hospital that she would have "a key to get in in the morning & so that everyone knows that I am the one who knows what to do to the sick people." She was even walking around to doors and saying "BEEP" before going in.

Her sister apparently did not meet the appropriate access level for the doctors office-- she was a patient & had to wait for treatment.

Ah the joys of motherhood. That moment when your child realizes the value of symbology for authentication, role based access & presents a proximity reader use case....sublime.

Tuesday Jun 26, 2007

Get Prepared

This is geographically limited to the Bay Area, CA, USA but the message is universal. Get prepared for the unexpected.

Part of getting prepared for data disaster is getting prepared for more traditional disaster as well. That is just about the only data protection or privacy tie in for tonight's thought. If you're looking for a privacy specific update, please wait a few days. I just returned home from Beijing and I am leaving for Michigan at 5:00am local time. I've got some stuff in my head that will have to stay there until next week when meeting-palooza is completed.

For tonight, a free free free class offering disaster preparednedd training. If you haven't made your family & business group plan yet, do it. Be ready for anything. The following was sent to me by the City of San Mateo-- I had no other relationship to this group than that, but it looks like a great idea. Check it out & judge for yourself if you would like to participate:


Are you and your family ready to respond following a major disaster in the Bay Area?

Here is an opportunity to learn how to perform basic disaster skills from the San Mateo Fire Department. During the six week course, participants are trained in emergency skills that will include earthquake preparedness, disaster response, basic disaster medical care, light search & rescue, firefighting, damage assessment and response team organization. The final class will enable participants to practice these new skills during a hands-on drill at the Fire Department Training Center. Safety Equipment will be provided to all participants upon graduation. Please wear comfortable shoes and clothing to class. For more information, please call 522-7960 or visit www.sanmateocert.org

Course is FREE and open to adults 18 years and older, everyone is welcome.

July - August session

Course #: 36804

Location: Silicon Valley Community Foundation, First Floor Conference Room, 1700 South El Camino, San Mateo

Day / Time: Course meets five Wednesday nights: July 18, 25, August 1, 8, and 15 [2007] from 6:30 to 9pm

The last class will meet on Saturday, August 18 th , 9am - 3pm at Fire Station 23.

Think about privacy in safety...




« June 2016