I did not expect that

An unforeseen pandemic comes along and suddenly it is no longer BAU. In fact we don’t even recognise the world and yearn for a return to BAU.

The tech industry has delivered some useful tools to cope (for now) with this interruption to BAU. People are fast becoming familiar with Zoom, Skype, Teams and other tools to keep in contact and get the work of the day done.

Jobs that did not seem so important are suddenly elevated to being of high importance. Checkout operators for example. Our key workers that keep vital services running. And those that are less visible? The tech people keeping the services we have become dependant upon, I am referring to all those services we access numerous times a day on our phones and computers. These services have kept supply chains functioning and some semblance of BAU. So, what will be the learnings from this pandemic?

Those with IT backgrounds will be familiar with business continuity planning. I wonder how many business continuity scenarios planned for a pandemic that had a wildly unpredictable timeline? More than that, the pandemic upended how society functions. I can’t come to work today, I have to home school the kids. I’ll get to that proposal this evening (if I am not totally wrung out). I’m having problems accessing the Internet from home, I’ll try later. Deadlines?

I’ll come back to this in one year to see how the world reacted to the most significant upheaval of society in recent times. Did tech save the day?

Jobs to be Done

A conversation with a business partner triggered me to go refresh on an article I had read in the Harvard Business Review, title “Jobs to be Done“.

Back to that conversation. In anticipation of Covid-19 requiring people to stay at home, they had upgraded their office servers (more disk capacity) and hardened security. It was a rush job and so far everything was working. Quite unprompted, they said, the “Job to be Done” upon return to work is to put everything in the cloud.

They could have moved everything into the cloud at anytime and it took an external event to put that on the Jobs to Done list. It makes you think what else will be put on the Jobs to be Done list upon a return to work?

Interested to know more? Then click here to read the Harvard Business Review article.

AI in ascension

It seems that Artificial Intelligence is the new buzzword and tagged everywhere.

As a golfer I was intrigued to see Callaway ‘AI tag’ their golf clubs. I smiled when I read that AI assisted design of the golf club and would help an expert golfer achieve an increase in ball speed by as much as three to five miles per hour, translating to 5 to 10 yards more distance and completely change the strategy off the tee. That is a little different to my AI (“Actual Intent”) strategy; let’s just keep this on the fairway Frank where at least I have a decent lie for my next shot 🙂

Story at https://www.digitaltrends.com/outdoors/callaway-golf-artifical-intelligence/

On my early morning coffee + quiet reading and research explorations I found this wonderful treasure trove of data on Artificial Intelligence.

Go to https://www.cognilytica.com/

Dig in at www.cognilytica.com and learn more about the ascension of AI.

You can take an online course with a certificate and be learned in Cognitive Project Management for Artificial Intelligence (CPMAI) Methodology for the sum of $2495. Tempted? Given the incredible amount of investment going into AI this may be a good $earner. Maybe apply some AI to your decision-making?

Finally, anyone in the tech sector will be familiar with the term ‘best practice’. I found this resource https://www.bestpractice.ai/ with case studies of those organisations that have dived into AI. I am not endorsing it, just bringing it to your attention.

Dirty business

How many apps do you have on your smartphone? Personally I have over 300. How did that happen?  That does not mean to say I use everyone of them and some I maybe downloaded once and never used again.

Back to dirty stuff. Sometime ago I wrote a blog, it was in preparation for a presentation I gave to a business that was powering datacentres with renewable energy. I had reason to go back to it and given the attention climate change is getting it revealed something I had forgotten about. Who is not playing their part in saving the planet? 

One app on my phone I simply love is Spotify. They are doing great!

Now somewhere in the ether are servers pumping that music into my earphones. Those servers need powering up and cooling down. So what energy sources do Spotify rely on, source http://www.clickclean.org/

Guess who is behind this? Greenpeace. The data they rely on may not be bang up to-date and sometimes data is hard to obtain – after all who wants to put out their dirty washing for scrutiny?

If you are someone who is concerned about the environment then check out http://www.clickclean.org/ and maybe consider a donation to Greenpeace https://secure.greenpeace.org.uk/page/contribute/greenpeace-main

There are other initiatives. Switzerland is leading the charge on datacenter efficiency certification and you can read about their initiative (initiated by industry association digitalswitzerland and Hewlett Packard Enterprise) at https://datacentrenews.eu/story/swiss-lead-charge-on-data-centre-efficiency-certification

Off now to do some recycling and delete some unused apps on my phone.

Society 2050 or maybe sooner?

Do you pause to think about how technology is rapidly changing society? What might that mean for you personally?

I have worked in tech all my working life and I have not, until recently, stopped to think about the future implications – I was too busy ‘doing’.

Now I have the time and interest to pause and think about the future, as I have to support myself through my later years and consider how my son will earn a living in his chosen occupation. It seems no occupation is safe from technology disruption and many are blind to what that means for their future.

I found an article that you can read when you click here. It may confirm what you instinctively know or be a wake-up call. On the other hand you may prefer not to know what lies ahead? Your call.

Here is the article’s agenda.

Risk of Risks

On January 1st 2020, the California Consumer Privacy Act came into effect. The economy of California is the largest in the United States and ranked as the world’s fifth largest economy. It is also home to some of the world’s most powerful tech companies.

Data Privacy is already elevated as a board level issue and a big ticket deal with threats of legal and financial sanctions, risk to reputation and brand.

Reporting by the IAPP Europe (January 2020) highlights: Today’s lightning advances in technology in the fields of AI, automation and cloud services will herald in fundamental and complex changes in the way data protection unfolds. The organization that does not adjust to the new paradigm may not see the next decade.

What’s in store in this new decade?

A continued key trend in the coming years will remain third-party risk management. More robust outsourcing, vendor management and supply chain solutions in a pervasive digital age will be tactical and key to organizational strategy; therein lies considerable risk and exposure. Moreover, where breaches at the larger multinationals have dominated the landscape in recent times, their third-party relationships may prove more vulnerable in the coming years. Defending and proofing those supply chains in continual fashion will be critical. 

Acknowledgement: IAPP Europe Data Protection Digest January 2020

I am a member of IAPP

Is Artificial Intelligence on a collision course with data protection?

Few people know their rights under existing data protection laws. Here is a reminder:

The last paragraph is significant as it refers to the capabilities of AI to process personal data. Those that use AI are accountable under GDPR and Data Protection Act 2018 (UK).

I was interested to read a document: Resolution of the 97th Conference of the Independent Federal and State Data Protection Supervisory Authorities of Germany Hambach Castle, April 3, 2019.

The resolution (particular to Germany) records seven data protection requirements.

  1. AI must not turn human beings into objects
  2. AI may only be used for constitutionally legitimate purposes and may not abrogate the requirement of purpose limitation
  3. AI must be transparent, comprehensible and explainable
  4. AI must avoid discrimination
  5. The principle of data minimisation applies to AI
  6. AI needs responsibility
  7. AI requires technical and organisational standards

This is a resolution has no legal standing. It does provide a pointer to considerations that those using AI should consider to remain compliant with their data protection responsibilities.

You can read the full resolution when you click here

Artificial Intelligence and Risk

The surge in interest in AI has generated the need to know the risks and how they might be insured. Now that does not occur to many people as they rush headlong into the AI jungle. It does occur to those responsible for governance and compliance and they look to organisations like Zurich Municipal for guidance.

So what is the point of view of insurers and their appetite to underwrite this risk? It is conditional. No surprise there.

From Zurich Municipal Report Page 3

The thing is AI is very challenging from a governance perspective. Why?

To know the answer – read the report it is only 7 pages and you can download it when you click here.

Boardroom priorities

You are in sales and focus on enterprise sized businesses (those with more than 250 employees), do you wonder what the priorities are of those you want to influence?

Here is a picture for you to digest. Good news for recruiters assisting with talent and succession. Also good news for tech vendors competent in Digital innovation and Cyber security.

Strategy sits between Digital innovation and Cyber security. What does that conversation look like particularly as 24% of respondents to the survey think DIGITAL COMPETENCY in the boardroom is a skills priority?

If you want a primer for that conversation click here

Source Predicting The Unpredictable – Harvey Nash Board Report 2020

The top three competencies sought by boards are

Technology/Digital

Strategy (presume that is linked to Technology/Digital?)

Sector expertise

Now if you are in tech sales what will you bring to the conversation?

Click here for fancy infographic

Click here to obtain a copy of the report

GDPR – IAPP update – Germany

It has been a busy couple of months for the German regulatory community. In November, a report on the state of play of GDPR implementation — and the experience thus far — was drawn up by the Conference of Independent German Federal and State Data Protection Supervisory Authorities and adopted at its 98th Conference. The Datenschutzkonferenz (or DSK, as it is better known) is the umbrella structure that comprises all the state regulatory authorities in Germany, as well as the federal authority, and is tasked with issuing uniform and official resolutions, guidance and statements reflecting national and European law.

The publication of this report is quite the task as it needs to encompass a high level of consistency, as well as consensual opinion on the evaluation and review of GDPR implementation to date. This must be done across a large group of regulatory bodies as required in accordance with Article 97 of the GDPR. Moreover, the aim of such a review is ultimately to derive suggestions and recommendations for improvements to ensure a more optimal implementation of the regulation. I am happy to say, that for all the non-Germanophone privacy pros out there, this report now exists in English and can be found here. The findings are too many to mention here, but the DSK broadly shares the opinion that the GDPR’s regulatory concept and objectives have been largely successful to date in the pursuit of enhancing the protection of fundamental rights and contributing to the creation of the Digital Single Market in the EU.

Interestingly, in annex to the GDPR report, there is also the Hambach Declaration on Artificial Intelligence, a resolution also adopted at the 97th DSK Conference. It basically treats seven key data protection principles when addressing data protection in the field of artificial intelligence and automated decision-making: informing the debate; informing a digital future.

This report also comes on the heels of the DSK releasing GDPR fining guidelines in late October. All this at a time when there has been a growing entrenched public perception centered around the potential for high fines associated with GDPR enforcement. Raising privacy and data awareness comes with an imperative for both regulatory authorities and businesses alike; the work must be done. German authorities have already started to apply the DSK-fining methodology. The Berlin data protection authority — which also took the lead in developing the fining framework — recently issued a fine of 14.5M euros using the five-step process design. The case itself relates to excessive retention of personal data by a real estate company and its failure to implement privacy-by-design principles. What is generally accepted is that the DSK framework is aggressive in that the current model will almost certainly impose higher fines than expected and controversially more so for organizations with high revenues.

From an EU perspective, the EDPB is tasked with ensuring the consistent application of the GDPR throughout the EU. Importantly, it is expected to adopt a harmonized fining methodology, but no timeline has been identified as yet for this. In the interim, national frameworks — German and other — will remain the relevant methodologies in their jurisdictions. This may lead to some very colorful enforcement actions and maybe some testy legal challenges, too. 

I am a member of IAPP and credit the source of this article (as below) :

Paul Jordan
Managing Director
IAPP Europe