We are all expected to carefully manage access to corporate information. We are required to protect customer’s sensitive data, the corporation’s valuable intellectual property, financial, product, and legal planning, and data shared by our business partners, and more. Increasingly, we are also expected to rigorously manage the information life-cycle. From its creation, usage for any and all approved purposes, to its scheduled destruction, managing every information asset is just part of our mandate. We all just worked our way through reviewing our activities of 2008 and build our plans for 2009 and beyond. I believe that it is easy to invest so much energy researching and analyzing our corporations and our close competitors that we lose sight of some potentially-material influences.
Business, especially financial services, is global. Massive, immediate, and constant electronic communications are an essential component of maintaining much of our business operations. Even much of our “small” business depends on constant, on-demand electronic communications. Today, this is almost entirely digital. There are benefits. We are able to store “copies” of our communications along with associated meta-data, search them as needed to support decision-making, to respond to legal inquiries, to support research — the uses are limited only by our imagination [almost]. At some point that information is no longer needed or it is most appropriate for our financial and risk management goals to destroy it. We now have tooling that can effectively identify and delete data meeting specific criteria (age, author, topic, etc.). This type of data life-cycle plumbing is beginning to be routine, and an expected minimum capability throughout the financial services industry.
After dealing with some information retention documentation recently, I remembered that it might be time to step away from an industry-inward-looking review of this territory. I heard someone mention “611 Folsom Street” in passing on a news report… Despite all our investments in data architecture, stewardship, engineering, infrastructure investments, and block-and-tackle operations, it is conceivable that our efforts may be wasted.
“611 Folsom Street, Room 641A, cabinet 070177.04, San Francisco, CA” became part of the broad public record between 2005 and 2007 as the description of this site, and information about its probable use worked its way through the U.S. courts.
Regardless of the political spin one wants to apply to this site — “critical component of the war on terror,” “warrantless domestic wiretap” facilities, “signals intelligence and associated data mining equipment,” “Internet surveillance,” “child of the Total Information Awareness (TIA) program” — it is most likely one of what James Bamford estimates is from 15 to 30 secret Department of Defense/National Security Agency’s interfaces that collect and inspect huge amounts of U.S. and international communications. These are copies of our digital communications that fall far outside our data management controls. This vast pool of data and accompanying metadata is an enormously-valuable resource. It will attract users far beyond national security. Some of it is now five to seven years old, which is likely to be far beyond your corporate data retention requirements. As a result, information that your company has “destroyed” is still available — although we have not yet seen public displays of its use.
Risk management has many dimensions. I believe we need to educate our most senior executives that they need to factor this issue into our strategic data management plans. It it their most important task? Probably not. But could use of that data put the value of your corporate brand at risk? For too many corporations the answer it probably “yes.” So we need to manage that risk. Most of our organizations already invest in federal and state lobbying. We should use a portion of that influence to help craft a plan to manage the risks associated with the presence of that enormous, and attractive pool of data. Because of the potential for using this information in ways that are not in the best interest of business or of our citizenry, my recommendation is to delete all of it except records that are relatively directly associated with:
- A specific, legally-documented law enforcement action,
- A specifically-authorized and narrowly-defined [using a “reasonable person” test] U.S. signals intelligence mission,
- A civil or criminal legal action pending or in flight.
What do you think?