« February 2005 | Main | April 2005 »

March 30, 2005

It's like insurance or data backups...

You don't think you need it - until you need it. Privacy Compliance. Often considered by many or most corporations as a major pain in the rear - until there is a major privacy or security issue to deal with. Security breaches. Stolen data. Corporate espionage. Class action law suits. There is a lot to be wary of.

I ran across this article at ComputerWorld in my IAPP Daily email alert - Regulations should be Impetus for Standardization - now, it is really more of an "infomercial" or advertisement written like a news story, but I think the lead in characterizes the problem space well:

Privacy and data security regulations such as the Health Insurance Portability and Accountability Act (HIPAA), the Gramm-Leach-Bliley Act (GLBA), and Sarbanes-Oxley (SOX) are viewed unfavorably by many who perceive them as inefficient business cost centers. But the various industries affected by these regulations should take the opportunity to standardize business practices around the regulations in order to create greater business efficiencies and enhance compliance.

Most industries have some US federal regulations or legislation that must be adhered to as a cost of doing business. Don't forget the numerous state level statues regulating privacy and security issues. If you are a global company, you are dealing with much stricter standards already - mostly in Europe. If you are a smaller corporation or company anywhere, even one not in a highly regulated industry - just having customer and employee data puts you at risk.

The bottom line - pay some attention, alot if you can. If you can't pay a lot, a little may not be enough - but is better than nothing.

If you can, elect a privacy officer. Make it someone's job to be the internal watchdog. Embrace this "cost center" and make it an efficient entity in your business.

If you can't hire someone explicity to cover privacy for your organization, at least designate some combined coverage for oversight at a minimum. A "privacy council" could work - a few representatives from key areas in your staff: legal, operations, IT, HR, and Sales.

Privacy touches all aspects of an organization - so make sure your owner and/or privacy team has access to those groups or reflects that diversity.

Privacy issues for businesses today are only going to become more prevalent. Technogical advancements at nearly alarming pace have ushered in an age where individuals are being serviced online or wirelessly in already ubiquitous manners. Email, IM, Blackberrys, Tivos, Cellphones, Treos, PalmPilots, Sidekicks. As Peter Hoskins recently reported:

• There are now over 500,000,000 Java enabled phones in the world
• The majority of the world will first experience the internet through their mobile phones
• There were a BILLION wireless devices sold last year, and around 100 million PC's

Just think of the service industries and businesses taking advantage o the market opportunities there. Then think of the hackers, phishers, and other bad actors also targeting their customers. Protecting those customers from harm must be actively managed in a measured fashion.

Oh, and don't forget traditional, offline business models and data storage. Just because you may not be an online business, doesn't mean you aren't a target.

The business world changes fast and it can be hard to keep up. This is especially true with protecting your customer data and assets - and the importance of privacy and security can be easily overlooked.

Don't get caught in a privacy mess, just because compliance is a pain, or an extra cost. The one time (or next time) you have an issue, being prepared could be the thing that saves your business. You only get one privacy mulligan in the court of public opinion (if you are lucky). Try not to need it.

Posted by gcrgcr at 8:55 PM | Comments (1)

March 24, 2005

My Son the Spam Copywriter...

I've got three kids - two boys and a girl. Ages 7, 5, and 3. My two boys share a bedroom, and last night while getting them into bed I noticed this sign on their door. I'm not sure when it was made and how long it was there, but it took me a minute to "translate" it.

Ceep UTO, no Gerl's.  Only Boy's.

Once I read it, twice... Aha! Cute! Classic message for a bedroom door of two boys.

It reminds me of spammers attempts to only slightly obfuscate text of their messages in such a way as to avert textual spam filtering heuristics, but still be translated by a human upon reading it.

If you think about it, our minds translate simple typeos easly and quikly - sort ov on the flie. See whut I meen?

Anyway, AJ either has a career ahead of him writing copy for spammers, or he's slightly dyslexic and may have to hang back in 1st grade for a second time... :)

Posted by gcrgcr at 3:18 PM | Comments (0)

March 10, 2005

Blurnalism - Is Blogging Journalism?

So Joe C. sent over an interesting story last night about bloggers versus journalists.

Are Bloggers Journalists?
A California judge issued a preliminary ruling on Mar. 3 that three bloggers who published leaked information about an unreleased Apple (NasdaqNM:AAPL - News) product must divulge their confidential sources.
If the ruling holds, it will set a precedent certain to reverberate through the blogosphere because this means under the law *bloggers aren't considered journalists.*

For more on the story...


This story boils down to some interesting pieces. Apple, or any company, has a right to protect trade secrets. They hold their employees contractually to such. Purportedly, an employee or insider, released this information. Apple will force the "journalist" protection issue so they can find out where their leak is.

It makes me wonder - would a "real" journalist have run this information? Part of being a journalist seems to be having a pretty core understanding of the fuzzy protection surrounding the professions - especially the protection around not revealing source. Even still, it seems to me that a "real" journalist would probably stay away from releasing corporate trade secret in the news.

So, to the question, "Are bloggers journalists?", I don't think so. Clearly ALL bloggers are not journalists. Additionaly it is probably true that MOST bloggers are not journalists. Certainly however, it can be true that SOME bloggers ARE journalists.

I blog therefore I'm a journalist just doesn't hold up for me. E.g. just because someone decides to practice any particular skill, whether it be writing, medicine, art, law, doesn't mean they qualify for our automatically are bestowed with all the benefits and/or protections that come with the corresponding profession.

If a guy cuts his leg open at home to get a splinter out, that doesn't make him a doctor. He can't go write a presecription.

"Journalists" do have industry and self regulating "oaths" etc... that make up the fabric of "the profession". Don't they?

Still, the article raises many interesting questions. Apple asserts the people who run these sites aren't "legitimate members of the press." and therefore it has the right to subpoena information that will reveal which Apple employees are violating their confidentiality agreements. In most cases, journalists are protected under the First Amendment and don't have to reveal their sources.

So what makes a journalist? Publishing something that is public? Read by any other natural person? Has a publication frequency? Carries advertising? Is done for pay?

What about independent recognition? The story mentions how in "2004, bloggers for the first time received press passes to cover the conventions during the Presidential elections. They have broken major news stories. Several prominent bloggers have become media pundits. And mainstream media outfits, including BusinessWeek Online, are developing blogs to complement their traditional outlets."

Personally, as a blogger I've never felt like a journalist. I posted last year on a similar story, Bloggers don't do it for the Money.

Maybe Blogging becomes Blournalism a bit when someone starts to attempt to make money on it. Probably not journalism however, until they obtain or achieve the legitimate credentials that come with the profession.

Posted by gcrgcr at 8:26 AM | Comments (1)

March 6, 2005

de.lay.ed on del.icio.us no more...

So, I wasn't sure what del.icio.us was for the longest time, other than some very clever sub-host naming on a domain for a URL.

Anyway, I saw this post by Whitney McNamara at SeaMonkeyRodeo:

Wednesday, February 09, 2005

You Old-fashioned "Web browser" People Can Stop Bugging Me

And that helped to clue me in. What is it? From the del.icio.us site:

del.icio.us is a social bookmarks manager. It allows you to easily add sites you like to your personal collection of links, to categorize those sites with keywords, and to share your collection not only between your own browsers and machines, but also with others.

I'd say at this point, for me, I see it as a nice way to get my bookmarks:

• Published online so I (or anyone) can reference them via a browser
• Made available as an RSS feed as well, so I (or anyone) can use these in otherways than straight browser viewing
• Organize according to keywords and easily drill in topically - assuming I make decent use of the feature by labeling my entries appropriately.

I'm sure there is more, but I'm definitely a del.icio.us newbie.

Matt Blumberg's initial bookmark feed is off and running.

So far, I like the keyword tagging best, here you can see my initial attempts to build out my "Privacy" section, also tagged with a "Reference" lable as well.

Whitney has an extensive bookmark list, which in a way, the way he posts to it, is like a blog of its' own. A "blookmark" page? Blogmarking? Especially the way he now carries the latest 10 del.icio.us posts in a column on his blog - it comes off as a richer content area than just bookmark links.

Once I have some decent volume I may try the same thing.

Now, on the downside, I have a few hundred bookmarks in My Yahoo! that I'll have to convert over. On the plus side, the benefits of del.icio.us seem to be more than worth it, plus I can weed out the expired bookmarks, and achieve the organization I've been seeking for bookmarks for a long time.

Ah, geekdom. It just feels good. :)

Final thought: I wonder when del.icio.us will be bought by Google?

Posted by gcrgcr at 9:24 PM | Comments (0)