16 April 2014

Law and Technology Move Center Stage

Day 2 of the first ARMA/Sedona Executive Conference on Information Governance turned toward technology and law.  Tech featured the world of Big Data, while a mock trial and an exploration of IG in the public sector excited the legal eagles.  RIM features, like The Principles, took backstage until brief appearances at the concluding “town hall” forum.

Both presenters and attendees agreed: Big Data is ignored at one’s own peril, and it raises a multitude of questions and ethical dilemmas.  Repeatedly, presenters emphasized that Big Data is not “more of the same”.  There is certainly more data than before, but the real difference is the analytical algorithms applied to the data. 

Amazon uses algorithms to move books and products to nearby distribution centers even before a buyer places an order.  While enabling quick delivery can be important, using algorithms for alerts to medical conditions or pharmaceutical needs can be life-saving.  

In contrast, some Big Data analyses presented seemed ominously futuristic, like dystopic sci-fi movies where individuals’ every movement and choice are accurately predicted by a controlling government or mad scientist. In reality, whether Big Data is beneficial, neutral, or sinister depends on its use.  Is Edward Snowden a hero or a villain?

Why is Big Data significant for Information Governance?
  •        Algorithms enable more accurate eDiscovery
  •        Algorithms auto-classify records more quickly and accurately than human staff
  •         Big Data (and its analysis) raise serious ethical issues   
    •  It may collect personal information without consent
    • When consent is given, Big Data may be used for purposes beyond that of its original collection

Conference dialogue repeated that all data has value (more or less) and all data has risk.  The balance between the two invokes ethics in how the data is used.  Since members of the Bar, Certified Records Managers, and certified Information Governance Professionals are bound by ethical codes, understanding Big Data and its uses are essential to professional responsibility.

At the concluding “town hall” forum, presenters encouraged attendees to apply the conference’s lessons to their daily work.  The concepts of IG are over-arching, and the technology can be imposing, but that should not paralyze practitioners.  “Start small,” several leaders implored:

  •       Learn more about complementary disciplines. 

o   The non-technical should learn more about Big Data and how it works, perhaps by taking a course in probability or statistics.
o   RIMmers and techies should keep up on emerging case law relating to records, as well as revisions to the Federal Rules of Civil Procedure
o   Attorneys should add the Generally Accepted Recordkeeping Principles to their repertoire, moving on to newer and broader concepts of records and their management

  •  Apply Information Governance to under-managed information such as records held by  suppliers, including Cloud providers 
  •  Introduce and enlist organizations’ high-ranking officers to IG.  Consensus said it takes a C-level leader to harness the disparate contributors to IG.

The concluding forum also invoked the “C” Suite in plans for 2015.  Even though this first “executive” conference was light on executive attendance, I sensed real enthusiasm for high-level involvement next year.  Most likely, ARMA and Sedona will make an extra effort to recruit enlightened officers.  They may reach even higher, to corporate boards of directors and corporate secretaries.

As I mentioned, there were only a few references to The Principles, as well as Sedona’s Guidelines, as background and reference for ongoing IG work.

At lunch with leaders from both ARMA and The Sedona Conference, I reiterated my hope that there would be at least a nominal attempt at forging a mutually acceptable definition of “Information Governance”.  Alas, my plea went unheeded, and the conference closed with everyone’s preconceptions intact.  

In the fourth (and possibly) final post on this conference, I will present a summary and analysis of the event as a whole.  Tune in tomorrow for another exciting adventure into the emerging world of Information Governance.

1 comment:

  1. Here is a succinct definition of Information Governance, which I have developed in the course of researching my latest book which came out last week, "Information Governance: Concepts, strategies, and Best Practices (Wiley, 2014).

    I'll put it out there, and don't mind it getting kicked around and torn up, so long as we put it back together and end up closer to a consensus. Clarity is needed. We all can generate wordy definitions to cover all the bases, but then the message gets lost.

    I spoke to the ARMA greater Los Angeles chapter last week, and before my presentation, I asked, "Who is clear on the definition of IG?" Not a single hand went up. So it is the duty of thought leaders and trade associations to boil it down, make it succinct, usable, and memorable. I have it down to 10 words.

    IG is : "Control of information to meet legal, regulatory, and business demands."

    That's the shortest I can get it. I'd like to say "business information" but that's implied. I'm trying to keep it succinct.

    Now let's break it down.

    "Control" means the management, policies, processes, and controls -- all of this is essentially control. If you have control you are managing, if you have control you have enforced policies, if you have control you have defined processes. Also, if you have control you are able to meet privacy requirements and to properly secure your information.

    By "demands" I mean legal information retention requirements, adherence to the FRCP and other applicable laws; also, any regulations that require retention or disclosure; and business demands such as internal business objectives, a defensible disposition policy (certainly overlaps with legal), company IT strategies and policies, and other internal IG requirements a particular organization has.

    So there is is, the best I can do at this point but I am open to suggestions - so long as they do not complicate or elongate the definition.

    What say you?