Why five principles?

This principle – Privacy by design -  sounds great with the 3 words title which is rather arty and catchy like a company’s business motto.

The description – ‘New technical developments have to observe data privacy requirements at an early development stage, thus permitting the introduction of data protecting hardware and software’.

Only ‘new’ technical developments and at an ‘early’ development stage?

Just another play with words for my own amusement.

In terms of designing hardware and software for data privacy and/or protection, the play with words will not help software folks.

When I am asleep, I guess I have nothing to do with technology unless I am in a technological related dream. This will probably be the end of my spirited being.

Here is an interesting question (or a dream question?) raised by someone at the Sociotechnology and Knowledge Development (sociotech) Group. I see nothing wrong in raising the question in my blog here. Any objections and concerns, please post here or contact cher at iedisc.com

Gosh! has technology got me to be so so cautious?!

The question coming from the sociotech group:

What do we really mean by technology?

This question sound similar to several questions raised by law/policy makers during an ediscovery conference I attended in 2009 in Barcelona.

Substitute the word ‘technology’ with ‘processing’ or ‘privacy’ or ‘consent’ (as in data protection), we end up with more dreamy questions with little common understanding or agreement, especially when discussing on ‘what are the real issues with cross border ediscovery?’.

The questions were based on this statement (or an opinion?):

There is no legal basis (or justification) for ‘processing’ which includes transferring, viewing, accessing etc, of data in ediscovery across the Atlantic (i.e. the Europe & US divide). What? No viewing, i.e. I can’t even open-view the file/data !

I guess the answers were not in the questions being raised, as the only answer that the policy makers were seeking to get assurance is: ‘how safe is my (personal) data’?

So, ‘What do we really mean by technology?’

My dreamy reply: ‘technology’ is a beast and also a non beast, a thing and also a thingy.

What is your view(s)?

In my role as an IT manager or project manager, I will never say to my team ‘we must get along with so and so to build this system’ or ‘we should try to talk to each other’. Who relishes to be ‘told’ or talk to on what to do? Definitely not want that directed at/to me and so why do it to my fellow workmates/colleague? It’s simply counterproductive and easily generate towards an ‘I told you so’ culture which ultimately leads to ‘a blaming culture’. In a blaming culture, creating a meaningful or ‘good stuff’ outcomes gets circuited.

I have recently come across several articles/postings highlighting that ‘IT folks and lawyers are still not talking or failure to co-operate’ in ediscovery activities. This is the posting which got me to blog. BTW, a catchy title ‘Legal and IT Are Still Not Communicating’. The posting ended by stating that ‘Only dialog between legal and IT will change that’. (i.e. the respective responsibilities of legal and IT still are not being carried out by many because they don’t understand them). Understanding starts somewhere and dialog is great if both parties are willing to have a dialog. Even building bridges between IT folks and lawyers have surfaced elsewhere.

Let it be known that it is not that IT folks are not talking to lawyers; it is most likely that ‘the talk’ is directed from lawyers to IT folks. (I am assuming in most organizations, lawyers initiate or announce the litigation hold and other ediscovery requests to the IT department). IT folks are used to receiving requests from other departments (including lawyers). However what is unusual in ediscovery is that most IT folks (unless they are trained on ediscovery terms and have exposure to ediscovery activities or have been fully briefly beforehand by legal staff) will treat the request as an IT request rather than an ediscovery requests. It’s not that ‘we are not talking’, it’s more like ‘what are we talking about?’ and ‘how do we start to get to the ‘same starting page?’. Now, how to get both parties to turn ‘talking’ into meaningful dialogue?

Failure starts when both wants to start building bridges to bridge with each other and failed to recognize that the simplest bridge is defining a raft to get to a bridge. There is always a bridge somewhere already waiting for us, just finding a raft is the first hurdle.

Remember the story of building a bridge? Let’s start by learning to define a raft and not focus on building bridges as there’re already bridges (i.e. ediscovery models, tools/systems) waiting to be used.

Finding willing raft designers from both parties is probably the first hurdle

Go and ask a lawyer to collaborate and see what kind of respond you get. I have done this couple of times and the responses I have received so far are fearful (non-collaborative) responses. Rather than seek collaboration, I am asked questions which are geared towards providing them with information so that they can compete with me or put me in a less favorable position. I have also been challenged in other non-collaborative ways.

Saying so, I have also met some wonderful people who understand the meaning of collaboration and have acted collaboratively, not just saying they want to collaborate. The word collaboration has become a buzzy word in the world of ediscovery. Buzzy word gets attention! Just yesterday (or was it Friday?) I was invited to collaborate on producing a Glossary on ediscovery. I jumped at the idea as it was something I wanted to do when I first started this blog. More to come on this wonderful collaboration….

For me, sharing information takes more courage than talk of collaboration. On the buzzy use or talk of collaboration, read the article ‘Time to Work Together on Electronic Discovery’ posted by Clearwellsystem. I like the video blog: Information Security and eDiscovery.  Why? Mr. Ron Hedges covered confidentiality and privilege which are both non buzzy words but are the hide and seek in ediscovery actions. What is collaboration in ediscovery? Lawyers collaborating with IT people?  Is that it?

Many worlds colliding in facebook judging by the number of groups. Oh imagine if (or when) facebook gets meshed up with Google. Just before these two worlds collide, I’ll leave the facebook warning message to me here for future proofing:

Please Read This!
Warning! Your account could be disabled.

Your behaviour indicates that you may be in violation of Facebook’s Terms of Use. Continued misuse of Facebook’s features could result in your account being disabled. If you have any questions or concerns, you can visit our FAQ page.

How cool !

Want to know the heart of the issue in ediscovery? It’s not about the ediscovery rules/laws or about judges. To hear one world view, see the interview conducted by IT Business Edge. Like in facebook, people enjoy creating different world views and the real fun starts when two worlds collide like me and the facebook creator/owner.

I dread to imagine my world when Google and facebook becomes ONE.

When I said ‘old’ it’s over 20+ years aged Sony TV. Still working fine except the remote sensor is not working. Anyhow I cancelled my TV licence yesterday via e-mail and wasn’t too sure what I need to do to ‘disconnect’ my set. Phew! I am glad it’s a simple disconnect of cables from my set (to ‘show’ that I won’t be using my TV for recording or receiving programmes). Amazing…it’s not something I imagine doing i.e. disconnecting my TV…sounds rather weird in this age of gadgets and the likes.

Maybe soon the ‘TV’ set (like my ‘old’ TV) will be revamped or re-classified to be something else to cater for the ‘digital TV’. Will TV still be ‘TV’ and not ‘HD TV or digital TV or something TV’?

Classification sounds easy but is it?

In ediscovery/edisclosure, searching for ESI assumes that the data has a hook or a ‘name’ or being indexed or classified to denote the nature of the ‘data’. As the nature of ‘data’ changes and also the storage of it or the gadgets that hold it changes, classification requires far more imagination than simply throwing out the ‘old’ ( like me cancelling my TV licence via e-mail. Oh! the physical cancellation paper to follow ).

Beyond my TV room, apparently there’s an ongoing trade dispute due to ‘old’ or outdated Informational Technology Agreement (ITA) whereby the ITA is obsolete due to problems with classification of new multifunctional digital devices (like the new digital TV). For old and still relevant news, do check out the report at egov. A pretty long winded article to report on a problem with classification of digital devices, not easy eh?

Will classification of data or ESI become a matter of dispute in the ediscovery space? So far, from the list supplied by Kroll Ontrack Inc. in their ‘Year In Review’ report (the US ediscovery landscape), classification issue is not on their top charts (yet).

I suspect the majority of blog readers/subscribers are aware that the platforms in the clouds such as facebook (e.g. the landmark case in Australia) and twitter (big companies using this to connect and tweet with their customers) are sources of ESI. As mobile technology gets more integrated with these clouds of information the ‘Future Year in Review’ list (like the list compiled by Kroll Ontrack Inc.) will not just be ‘process-oriented’ but also ‘platform-oriented’ or rather infrastructure related. No doubt the question of classification will emerge with the discoverable or reasonably accessible issues like the disputes around the obsolete ITA. It will be tweets against search criteria or algorithm. Now the 140 characters tweets or twitters are surely more accessible than the zillion of e-mails, right? Well…like I say classification sounds easy…

I will invade the twitter dome this year for some fun.

I wish I can go to the Beijing Olympics…oh well…

Today, I heard over the radio (most likely BBC 3) advising visitors to the Beijing Olympic on what not to do?!

One ‘not to do’ is ‘not to ask what they do’ (i.e. avoid asking the Chinese what they do for living or their work).

Gosh! I have lived in Shanghai and Kunming (& have travelled to Beijing and other parts of China) and my advice to anyone going to the Olympics is not to avoid anything especially asking questions?! I guess it’s just radio commentary and not to be taken too seriously.

How about this ‘East meets West style of psychological integration’?

Professor Mok from the National University of Singapore gave a speech, titled “Ancient Chinese thoughts and modern leadership” at the Fudan University . Professor Mok’s suggestions are interesting. If his suggestions are adopted by the Chinese scholars in Fudan, soon all MBA students around the world (for the integration to be meaningful) will also have to study the ancient Chinese thoughts, i.e. Confucianism, Mohism, Taoism, Legalism, Military Arts .Whether future leaders will be able to grasp these ancient Chinese thoughts and think like Confucius etc. will be something I won’t be interested in.

What I am interested is how and why Professor Mok makes the connection between corporate decision-making with Taoism. This is indeed worth checking out. Would Taoism thinking helps with ediscovery/disclosure decision-making?

Maybe I ought to find a way to return or to Go East

Furthermore, there are technology vendors/suppliers providing various forensics and investigations related tools and software for ediscovery/disclosure. Also, this year there are several organisations providing trainings/seminars on ediscovery/disclosure. Not surprisingly, lots of trainings/seminars have been conducted focusing on the ‘what’ and ‘why’ of ediscovery/disclosure. When the ‘how to do…’ is encapsulated or prescribed in process models or in cookbook approaches like ‘tips and traps’, the application or rather the act of performing the ediscovery/disclosure activities will still need to be carry out by people and team of people. Process models and ‘tips and trap’ will add to the heap of processes and procedures for organisations. Also, people generally trump or ignore procedures especially if there are too many to chew.

From my own real-world lessons, having worked with several major organisations in large projects/programmes involving software development/implementation, ediscovery/disclosure activities will require not only tools, process models and procedures. Like software development projects, ediscovery activities involve many stakeholders with competing needs and interests, many dependencies all requiring resources to be used effectively. Why not utilise a project management approach to manage the resources?

As far as I am aware, most or practically all commercial strength project management approaches and methodologies do not provide any framework for dealing with the people aspects in managing projects.

For example, PRINCE2 has detailed description of managing product deliverables and also steps for managing risks. I recalled in a PRINCE2 Practitioner training course, the instructor said something along the lines: ‘For effective project management, the people skills are crucial and are not covered under PRINCE2 trainings or in the manuals’.

Moreover, even if ‘best practice’ guidelines such as the IT Infractructure Library (ITIL) is adopted by organisation, the challenges of co-ordinating and working with diverse teams of people as when in an ediscovery scenario will be even more pressing. People cannot be certified against guidelines or even standards e.g. BS 15000, the IT Service Management Standard.

Individuals and team dynamics are what make an organisation ‘tick’. It is also common to hear other phrases such as ‘people matters’ or ‘we value people’. However, when it comes to tapping into (or the buzzword –empowering) individual to deliver the required value, the ‘tick’ becomes more like a loud bang. Loud bangs are generally not welcomed (unlike in Chinese celebration where the loud bang from fire crackers are said to drive away demons/back luck etc) as noises are deemed as unpleasant causing discomfort and unanticipated consequences. Is this why people avoid or simply fail to cope with the dynamics of people interaction?

Perhaps I have lost touch with my own abilities to do what comes naturally. How to get back in touch with my own abilities? How to get in touch and stay in touch with my own abilities especially when I am faced with chaos or in chaos situation whereby I have to interact with others.

Looking back to the heydays of the 80s, where there were less processes or tools and less rules and regulations, I was better equipped (by being less equipped with choices) to get any job (mainly building great systems and running a family) done with lots of ticks and banging. Nowadays there are way too many processes/tools and every actions I take there are rules/regulations to catch me out or trap me. So much so, I dread the thought of walking into an office, especially in an organisation where people, process and technology (what else is there in a 21^st office?) actually restrict and hinder my abilities to feel, think and act. So far, I have been mostly fortunate to work for/with companies whereby the people makes it worthwhile going into office to work.

Do I have an alternative to escape the 21^st organisational trap? Well, I have been busy re-training and re-visiting my long held interests and most importantly reflecting on my life and how I want to live my life. I am taking small steps each day and learning to cope with needing less and reaching out into my inner strengths.

One realisation is that when I am in chaos, I will find a frame of reference to make me feel good again. This frame of reference can be anything or nothing. When I find my frame of reference I get the ‘tick’ and this makes me feel good. Feeling good enable me to make sense of what I need to do. Doing then becomes second nature, effortless work or task.

When in Chao, find a frame of reference!

In collaboration with others why not find a frame of reference too?!

According to Prof. Tony Hoare at a BCS evening talk, the collusion of the Science of Programming with the Engineering of Software provides interesting areas for research in domain modelling and ontology related subject areas (e.g. ontology languages).

Maybe one day there will be a ‘perfect domain model’ to represent our ‘real world’ with unbounded boundaries and constraints. Until that day…the present reality is that there are hosts of all kinds of information sets to talk about and write about.

If one can create a ‘wall on collusion’ of all existing laws and regulations on data and information, what would it look like?
Daniel J. Langin, Attorney at Law LLC provided a sample just on e-mails, A Guide to Keeping E-mail Legal: Four Pillars of Compliance‘.