Slashdot Mirror
IBM Appoints Chief Privacy Officer
Chibi writes "IBM has taken a step in what many would consider the right direction, as they have created a new position of 'Chief Privacy Officer.' They are looking at the position to be more policy-focused than technology-focused, and have appointed a lawyer to the postion."
Consumers want to share music; corporations want to share personal information databases. Why should only one or the other be allowed to?
It's like saying if information is free all of it has to be.
Got friends?
Which OS is more policy focused: Windows 95, or Linux? I say Windows.
Which is better at securing your private data? I say Linux.
What does this tell us?
Got friends?
I get the impression that the IBM anti-trust case had a radical impact on the company's behavior. It sounds as though their experience with the government being angry at them was sufficiently chastening that they've tended to bend over backward to avoid a repeat ever since. I almost get the impression that they've concluded that their business is so well off that they don't have to behave unethically to get an edge, and so the combined advantage of avoiding further government unfriendlyness and appearing to be nice guys is considered to be a smart business position.
There's no point in questioning authority if you aren't going to listen to the answers.
- Multinational Corporation
- An attorney
- The word "Privacy"
all used in the same paragraph. My butt cheeks are so firmly clenched that I may be driving myself to the emergency room in order that my next bowel movement can conclude successfully. I would trust an attorney with my privacy about as readily as I'd trust a rattlesnake to perform oral sex on me.Okay, I'm at least moderately cynical and possibly more than minimally paranoid. But when a major multinational corporation appoints an attorney to a position supposedly advocating and protecting consumer privacy, and issues a press release about it, I check my calendar. Yep, sher enuff, it's still the year 2000. I still don't believe anything that comes out of an attorney's mouth, and I don't believe in a corporation that cares about me except as another contributor to the revenue stream.
If IBM has news it's released as a white paper. If it's released as a press release, it's just propaganda. Perhaps as the opposite of Your Rights Online, slashdot should have a category for this kind of thing called "Yeah Rights Online".
--
Warning: This signature may offend some viewers.
Vovida, OS VoIP
Beer recipe: free! #Source
Cold pints: $2 #Product
If a CPO is a Chief Privacy Officer, what would a C3PO be?
Software sucks. Open Source sucks less.
At the very least this helps them out when they get into hot water. The privacy officer is given the freedom to carp about the subject as much as necessary, but the end results are the responsibilities of IBM business managers. The privacy officer can unify and codify privacy policies for any/all subsidiaries and business lines to ensure the whole company is marginally consistent. Then, if there ever are questions from a legal standpoint there is both a person to be the lightning rod for resolution and for the board to point to and say, "hey, we care about privacy" and then hand the problem to that person.
I do not have a signature
Say IBM get's a new CEO that wants to start selling the e-mail addresses of their web-store customers to other companies. Would the Privacy Officer have the power to stop this?
If the privacy policy given to said customers forbade selling on their email addresses, then that couldn't happen (unless IBM broke the law) - and that's partly what a privacy officer's job is: ensure that any services which hold data on people have a well-defined privacy policy. It's up to the customer whether or not an individual privacy policy is to their satisfaction; but anything done with the data within those boundaries is fair game.
In the UK, by the way, we have the Data Protection Act, which defines strict laws about what information you are allowed to store on individuals under what circumstances.
--
Geek 1 - IBM's got a new CPO. How about that?
Geek 2 - I hear he's a lawyer.
Geek 1 - A lawyer? Wow, that's a spicy meatball!
Cripes, this has absolutely no meat.
---
---
Slashdot: News For Zealots. Stuff That's Hypocritical.
That is nice. They'll have a central place with all the privacy policies. That gives a central place to get information on their policies and a central place to complain to. Noone can say it not their job, or push you off by saying that they'll look at it. I hope this works out well.
Have you read my journal today?
The idea of a privacy officer sounds great, but one has to wonder what happens if the concerns of said privacy officer start to conflict with the wishes of the company? Say IBM get's a new CEO that wants to start selling the e-mail addresses of their web-store customers to other companies. Would the Privacy Officer have the power to stop this?
The example I use is rather simplistic I realize, but this is an issue that get's more complex every day. Will company privacy policies hold up against the misguided wishes of a companies CEO, board of directors, or stockholders?
So music should be freely available and downloadable by any idiot with a modem, since "information wants to be free", and software should be distributed with source code since its "wrong" to keep this information from people, yet for some reason, your name, address and phone number have some sort of sacred status??
DrLunch.com The site that tells you what's for lunch!
Whitehat.com awarded part of IBM a White Hat of the Month award in February. I have no idea whether the site is still actively maintained, but WhiteHat was an attempt at replacing crap like TRUSTe with an organization that actually *cared*.
IBM is moderately serious about privacy. They are the only major vendor (except Compaq) that hasn't spammed either me or anyone I know. Gateway has spammed most of the people I know; Dell has spammed a couple of them, etcetera etcetera. IBM has had my email address in their databases for two years without bugging me, and has been very good about sending me information I asked for *and nothing else*.
I know it seems weird, but IBM may actually be one of the more ethical companies out there, in this regard.
My blog: http://www.seebs.net/log/ --- My iPhone/iPad app: http://www.seebs.net/seebsfrac/
You can't sell a service if you can't name it so this is the name attached to selling that service. You sell privacy services - makes sense since as the article mentions you can't sell security explicitly. It's like trying to sell life insurance or tombstones. No one wants to deal with it until they have to. Moreover since security and privacy tends to take a tools approach its very hard to put the tools wonks in front of customers and execs. They don't communicate well with one another.
Trust me - IBM would not make a public announcement of an executive level lawyer/engineer (can you say patent attorney?) just because 'privacy' gives someone a woody. It's to create a business function that can be used to sell privacy products like PKI and smart cards, encrypted MQ, safe Notes, private email. Or it's to sell consulting services like 'how to insure your customers' privacy' or 'how to insure that employee web surfing is being tracked legally' or 'getting that search warrant for your employees home computers' and so on.
Or if I were cynical I'd put it in the "Minister of Information" category - to whit - insuring that there is absolutely no privacy at all.
But privacy is closely related to security, and anyone truly versed in security knows that policy is the real issue. You can throw all the technology at your security that you want, and if the policies are broken most likely the security will be, also. But if you have a good security policy, it will guide you on the correct technology to deploy, how to deploy it, and how to assess and manage the risks you are taking.
Read the articles, and you'll see that that's what this is about.
The living have better things to do than to continue hating the dead.
- Microsoft
- The IRS
- Al Gore/George Bush (pick one)
- Torvalds
- Your Local CouncilMan or City Official
- Your Boss
- Finance Institutions
- etc.
gets interesting after awhile"It is a greater offense to steal men's labor, than their clothes"
<conspiracy theory>
Remember, in George Orwell's "1984", many of the organizations and positions were named opposite of what they actually did... the Ministry of Peace made war, etc. Newspeak has become more and more common with corporate America (I don't know first hand about elsewhere, but I'd imagine that it's vying for its share there too), and phrases like "we must accentuate our efforts to prioritize gross revenue intake to better posture our entity in the market" and other crap like that, and eventually language will mean nothing. They might not be like _that_, but remember, just because it hasn't happened (that we know of) doesn't mean it can't happen...
</conspiracy theory>
"Titanic was 3hr and 17min long. They could have lost 3hr and 17min from that."
IBM had PL/1, with syntax worse than JOSS,
And everywhere the language went, it was a total loss...
----
The Register has a good article on this also.
Sleep: A completely inadequate substitute for caffeine.
-Daniel
TiVo hired a Chief Privacy Officer about two months ago. TiVo may or may not have been the first (I don't know), but IBM was not the first as seems to be the implication here. It's good to see a big company picking up on this, though.
-----
Free P2P Backup, Windows & Linux
I don't see the advantage here? Wouldn't a privacy initiative cancel out (or at least diminish) publicity efforts?
In many ways I look at this article and wonder if this means people will assume that IBM is trying to close itself off to people. I think with any company looking to make money...there are always things that must remain private. While this could be the problems of another company, it also has a lot to do with new innovative research, policies, etc. I don't think that this is really a surprise to anyone and was frankly surprised to even see it on slashdot. I am of the belief that this is a good and practical thing for any company of any size with the slightest amount of confidentiality/innovation to consider.
------
My opinions do not at all represent my employers.
Come one come all! (except you, the funny looking one) The Linux Pimp
--It's Pimptastic!--
On the horizon, companies and consumers face serious challenges "over locational issues," whereby wireless technology makes it easier to pinpoint handheld and cellular phone users, Pearson warned.
From that statement she sounds paranoid enough to fit in on Slashdot so that's good enough for me. Hopefully her job allows her to do more than just sit there and sharpen pencils all day though. If she is allowed to do her job, and given the resources she needs, I think this is definitely a good thing. But, if this was purely a move by IBM to get publicity, and don't intend to give her any real power, then it's useless and will give a bad example to the rest of the industry. We'll see what happens.
Mas vale cholo, que mal acompañado.