Call me Nostradamus

Just caught this story from The Hill in which Sen. Joseph Lieberman calls for more surveillance cameras.

Yeah, the dateline is July 1, my post on this topic was July 1, and today is July 6, but I hadn't seen the article or heard his comments prior to making this observation (which I actually made publicly on June 30 during the RIM Renaissance conference). Besides, it didn't take Nostradamus or much imagination to make such a prediction.

I will point you to this quote from Mr. Lieberman, though:

“I think it’s just common sense to do that here much more widely. And of course, we can do it without compromising anybody’s real privacy.”

What exactly does "real privacy" mean? What does Lieberman think it means, and is that the same as what you or I think it means? And, ominously, do we want Congress to determine what it means under conditions of high anxiety over a possible terror threat? Debate still rages over the long-term implications of the Patriot Act. Let's not feel pressured to jump to a decision on surveillance and DNA only to suffer under the same burden of regret.

Mike

Chilling Implications

I turned on the television Friday morning to news of the failed terror attack in the UK. While the MSNBC report cycled through a video loop of images from the scene, and as Joe Scarborough and his team provided as much as was known at the time and the few updates that were available, one thing struck me.

The news reports made much of the fact that the London is, perhaps, the most CCTV/surveillance camera-saturated city in the world, and that the lack of an explosion meant there would be forensic evidence to be checked against Scotland Yard's extensive DNA library, and that both factors would likely contribute to quick arrests in the case.

Good news for investigators in the United Kingdom, but chilling implications for those of us here in the United States.

I know this event will influence the ongoing liberty/security debate here in America. As a nation we're already paranoid about some future act of terror, and we're constantly being told that we need to fear this shadowy enemy called terrorism. If the events of this past weekend result in a stronger push for and greater acceptance of remote security camera networks, and an undermining of opposition to extensive DNA cataloging, it will not be welcome news.

Using fear as a means of achieving legislative change is poor public policy. Loss of liberty should never be tolerated by patriots.

Adding Audience

About a year ago I started writing for Spot-On.com, an eclectic opinion mill that has been steadily gaining audience and influence. I started out with a tech-focus, but have since concentrated on political and social issues, reflective of my grumpy Libertarian perspective. I enjoy the opportunity to strech my legs and give voice to a point-of-view that is often ignored. Every once in a while I'll get a validation boost when an email comes my way, or when something I've written gets the attention of an outside authority, such as this editorial from Dental Economics magazine.

Well, news this morning of a syndication deal with WashingtonPost.Newsweek Interactive means that I and the rest of my Spot-On.com colleagues will add significantly to our audience. Since I write about privacy issues occasionally, I hope to make the most of this fantastic opportunity to not only carp about what's bugging me politically, but also continue to raise awareness over important privacy issues.

Mike

Shameless Self Promotion

Before the weekend, thought I'd post a link to my latest at Spot-On, a piece dealing with how well government agencies are doing in keeping the public trust. Or not.

Mike

Apples & Oranges

While I haven't been blogging about the TJX breach, I have been tracking the incident and there's a curious element to the response that has not gotten much attention in the news.

While it's clear that TJX was caught off guard by the breach from a communications perspective -- their public comments have often been inaccurate, contradictory, and misleading (likely not intentional, just symptomatic of their lack of preparedness). But one thing the discount retailer has done very well is amp up the marketing.

This article in Bank Technology News examines what may at first seem to be a contradictory response from consumers, but actually makes perfect sense. I've heard a number of people question consumer response, wondering out loud why affected shoppers continue to spend money at TJX. After all, hasn't research shown that consumers will bolt a vendor that doesn't respect privacy?

It's an apples and oranges comparison, actually. Consumers, above nearly all else, want convenience and a good deal. As a discount retailer, TJX stores know all about cutting price, and when they found themselves in the spotlight, while their corporate spokespeople were stuttering their way through explanations and interviews, their marketers were buying air time and (I suspect, though I can't tell for sure since I don't shop there) lowering prices. Here in TJX's back yard, the television is busting with commercials for the various TJX stores.

Ponemon Institute research showed the fallout for banks that fail to respect customer privacy, but banks are not able to manipulate costs the way a retailer can. Retailers have more and different options. Besides, a long-term relationship with a retailer is more of a series of short-term decisions. Choosing to do business with a bank is a more serious commitment on the part of the consumer, and requires a completely different level of commitment on the part of the bank.

In her article, Holly Sraeel understands and articulates the difference.

Prior Proper Planning...

You know the Seven Ps of Preparation, don't you? Prior proper planning prevents p*ss poor performance. (Some would substitute the coarser word in that phrase with "pretty", but I'm an ex-Navy man and that's the way I learned it.)

Getting back to the issue of preparation, I had the privilege of introducing Beth Givens of the Privacy Rights Clearinghouse to members of the Ponemon Institute's RIM Council today during the monthly RIM conference call. Beth pointed us toward an excellent article from February's Law.com. The article by White & Case lawyer David Bender, entitled "Why You Must have a Security Breach Response Plan," serves as a great thumbnail for any organization that may be wondering what they need to do should they experience a breach.

Of course, I'm pleased to see that David has included a couple bullets related to communications. The communications portion of David's checklist requires it's own plan to make certain an organization is prepared to let the public and other audiences know what's going on and to do so in a manner that is consistent with the truth and in keeping with the law. It is possible to say the wrong thing even if intentions are good, but with a plan in place in advance, the chance for such occasions are minimized.

New Thinking

When I read blog entries such as this one at ZDNet, I get both amused and frustrated at the lack of critical thinking that drives opinion on these and other important issues. You'd think it's an either/or proposition, and that the only available options outside of inaction are both evil and unacceptable. Yet, while hand-wringing goes on over current practice and worst option alternatives, no one's talking about other available approaches to the vexing challenge of maintaining watch lists without violating privacy.

IBM's Jeff Jonas figured the solution out a while ago and writes about it often in his blog (which is worth reading for a host of reasons). This entry is worth reading for a safe, innovative take on the issue of managing watch lists effectively, and without the troublesome privacy issues that most folks are worried about.