Stephen R. Covey, in his book The Seven Habits of Highly Effective People, points out that human beings evolve from dependence to independence and ultimately, if they are to fulfil their potential, they evolve beyond independence to a state of interdependence.
In the first of these states, the state of dependence, the human needs the assistance of one who knows how to get food, clothing, accommodation, sanitation etc. Eventually, the child outgrows these basic needs and assumes a position of independence, ready to take on the world, posturing in a range of ways to demonstrate how well he or she can stand on their own two feet. Many of us fail to progress meaningfully beyond this stage, but in order to fully realise our potential, we must let go our ego and realise that we can do much better if we allow others to help us, trusting to the advantages of synergy that others who know better in some aspect will deliver their share of an agreement to work with us for a greater outcome than we can possibly achieve on our own.
The evolution of business systems and IT infrastructure for a corporation follow a similar pattern. The company starts off being dependent on the advice and software being offered by some small (or large) consultancy, with computers being serviced or looked after by someone else. Companies eventually grow or grow in confidence and decide to take these matters in house and look after their own computer systems. This is the stage where they express their independence. By bringing it all in house and stating that they can host their own equipment, design their own network architecture, they demonstrate their self confidence in being able to stand on their own (if virtual) two feet.
Of course, even in this stage with something as complex as a computer system, there is always going to be an aspect of interdependence – nobody is going to design their own CPUs, their own switches, cables, firewalls, communications protocols, powersource, operating systems etc. But at some fundamental level there is a view that the systems management is going to be done independently of all others. This is done in the name of competition, security, hubris, having special requirements or just “because we can”.
Those that manage to evolve beyond this view take a look outside their self-imposed walls and ask “what if” questions based on a fresh perspective that encompasses the views and potential of others. This is in essence what interdependence allows. Here are some examples that have come about as a result of interdependent thinking:
- The electricity grid – delivered as a result of thinking about the interconnectivity and the common need of all
- The humble telephone provides interconnectivity in ways previously rarely dreamed about. It is inspired by the desire to interoperate.
- The browser as the ultimate form of polymorphism – the killer app: simple in its approach, almost universal in its versatility
- XML as the common lingua franca allowing all systems to communicate with all systems – the same data basing shared and used in completely different ways
- Platform As A Service – the leveraging afforded by being able to make improvements that can be applied to thousands of clients and more makes possible the impossible, and delivers systems in unprecedented timeframes
These are just a small number of examples, but putting them together yields layer upon layer of opportunity to improve the world for everyone by simply thinking interdependently. For example
- The Google maps project was significantly enhanced as a result of one of the regional development teams providing the tools so that others could extend the maps globally. Soon enough, the public responded magnificently and a global resource is born.
- Wikipedia has 3.5 million articles in English not to mention all the other languages covered – all as a result of thinking interdependently
- The Petrucci Library offers a free collection of sheet music for over 80,000 scores of classical and related music
Those are public domain projects, but what about commercial synergies, such as
- Freight companies offering automatic tracking of packages while in transit
- Single sign on being used to streamline a customer’s relationship with a range of seemingly unrelated entities
- Customer subscriptions to forum posts and cases logged in support systems with automated notifications via SMS, Email, Twitter or Facebook
When companies start thinking from a point of view of interdependence, all sorts of doors open up to ways in which they can improve their customer’s experience, the quality of their products, the working conditions of their staff, the reputation of their brand. There is hardly a day goes by when I don’t see an example of how a company could improve the world by thinking interdependently rather than independently. And it doesn’t require exposing private information to the wrong people. It just requires thinking differently.
People keep going on about Privacy when it comes to the cloud. Privacy: it is like a religion. “We must preserve privacy in everything we do”. If you think about this general view for a moment, it becomes clear very quickly that it is a superficial view without much substance. Managing privacy is about ensuring:
- That we can get access to “stuff” we need, want and have a right to get access to, when we want or need it;
- That we can prevent others from getting access to “stuff” we don’t want them to get when they have no right to it (or we have the right to prevent them from getting it)
- That we can disseminate “stuff” (to which we have a right) to people (or systems) when we want to;
- That we can prevent others from exposing us to “stuff” we don’t want to receive and we have a right to avoid.
An Internet search of ‘privacy taxonomy’ yields a lot of academic material on this topic, but I thought it would be worth conveying a few key points to get people thinking about the fact that information privacy is not just some black and white concept that applies without thought across the board.
The diagram to the right highlights that there are different types of information and how this fact applies to the privacy debate. Clearly, from an information producer’s, or custodian’s perspective some information we want to keep to ourselves, some information we want to share with the world. Likewise, from a consumer’s perspective, some information we really don’t want to receive, while other information we prize highly.
In the diagram, information flows in two directions – from us and to us. Some flows are desirable (green), while some flows are undesirable (red).
The diagram implies domestic and commercial use, but this is indicative only and can be applied in all permutations – domestic to domestic, domestic to commercial, commerical to commercial and commerical to domestic.
One interesting implication of the diagram is that the nature of information (in terms of its privacy) differs between the view of the entity with the information and the view of the potential recipient.
So let us examine each of these in turn. In the description given below, the term possession is used generically to imply either ownership or custodianship, and should be considered in the widest possible terms. Each type is examined in the order of the diagram starting at the top left, going down then across.
Type 1: Information we possess and don’t want others to possess.
This type of information is information for which we consider there is some sort of negative ramification for us if others gain possession of the information. This can range from personally embarrassing/damning through to commercially damaging. Examples include:
- An employee interviewing for another job;
- Trade negotiations or terms;
- Customer information such as credit card or phone numbers, health records, trading history, information garnered under legal professional privilege;
- Nefarious or embarrassing activities such as infidelity, crime or doing something against the will of a parent, spouse or employer;
- Details about a planned surprise.
In all of these cases there is some reason why the recipient would not want others to gain access to the information. Note that in some cases, the information’s privacy value is temporary. Others, not so much. The value of the information to others is not a factor, except to the extent that from the perspective of the possessor it would be damaging for the information to leak across the privacy membrane.
Sometimes the damage in this case is associated with the information itself – a villain gets hold of a credit card – and other times it is not the information per se, but rather the fact that some information, any information, has leaked is cause for a loss of trust in a custodian. For example if a bank, accountant or broker were to release details of customer balances, the results would be devastating – not necessarily for the customer, but certainly for the bank etc. An example of this happened this week with Vodafone customer information including names, numbers and credit card details being exposed on public websites, over which some employees have lost their jobs.
The degree of risk of information leaking in this category depends on many factors, including:
- The perceived damage to the possessor of losing the particular information
- The perceived damage to the possessor of losing information in general – this is very much dependent on the nature of possessor. For example a child leaking information is likely to suffer little damage compared to a major cloud provider.
- The perceived value to a potential recipient of the information, the number of potential recipients, and whether the information is single use or has value to many people.
Type 2: Information we possess we want others to access
Once again there is a wide variety of information in this category and the perceived value to the (initial) possessor varies as well. Examples of information in this category include:
- News possessed by a journalist or publication;
- Details about an upcoming social occasion;
- A new product announcement;
- A limited-time offer, with or without steak knives;
- Results of personal or corporate achievements to be shared for glory.
In these cases, the value again depends on the context and the timing. A News story is of value to a journalist if it is timely, and better still, uniquely obtained. Once it has been published by others, its value is often deprecated. Note the value to the possessor is in some ways independent of the value to the targeted recipient(s), but in some ways its value depends greatly on how it is perceived by them. A wedding invitation carries great value in many cases, while a “spam” email usually carries negative value.
Type 3: Information others possess we would like to possess (whether or not we have a right to it)
This is where privacy takes on a different nuance – how to gain possession of information. Information may be public information, such as the weather, a currency exchange rate or share price; or it might be private – either pertaining to us (to which we either have a right to such as a bank balance or medical or academic test result or we don’t have a right to, such as employer discussions about our future or details about who voted for usor gave us a positive review after a presentation) or pertaining to someone else.
Type 4: Information others possess we do not want to possess (not now, perhaps not ever)
Once again there is a wide variety of information in this category ranging from spam, where someone else wants us to possess the information, to clutter we deem irrelevant – the noise around us that distracts. Like with the other types of information, sometimes it is a question of context – we may want to possess information at another time, and increasingly, software systems, especially driven by cloud technologies, are allowing people intelligent context based on digital body language, trends, historic decisions and actions etc.
The management of the privacy membrane here is where software vendors and IT service providers earn their money. Allowing access to information, sometimes mission critical details, while preventing others from accessing that same information is the at the core of what the IT industry is all about.
The cloud will increasingly facilitate the crystallisation of these differences and provide us with increasingly sharper focus on what matters to us. A greater understanding of the management of the privacy membrane, letting things through when necessary, preventing things from either direction when required, and transforming them, anonymising them, or merging them together from disparate sources as appropriate, will allow for a user experience that will seriously change the nature of the privacy debate in the immediate years to come.
Hopefully we can get past the religious view that blindly follows the mantra “all data is private and privacy must be preserved in all cases” to a view that facilitates the protection of information as and when appropriate (without compromising security), transforming information as and when appropriate (without compromising security or accuracy), facilitating the supply of information as and when appropriate, and provide some serious value to all this “stuff” in our possession.