Picture a chemistry lab Picture a cabinet in that lab All of the jars in that cabinet are unlabeled Image courtesy of UF Digital Collections - http://www.flickr.com/photos/ufdc/3333277041/
Each jar contains a potentially grim surprise * Caustic * Toxic * Harmless * Volatile Image courtesty of bhikku - http://www.flickr.com/photos/bhikku/4608657906/
Because the jars are unlabeled The strictest handling procedures must be applied for all jars * Even though some don ’ t require such strictness This increases the handling costs. Requires spot audit programs Make everything more difficult Image courtesy of
But I know what is on that shelf Implicit knowledge might be generated * Items on this shelf are caustic * Items on this shelf are volatile * Items on this shelf are harmless Image courtesy of Shobhit Agrawal - http://www.flickr.com/photos/shobhitagrawal/400862418/sizes/z/
Image courtesy of code poet - http://www.flickr.com/photos/alphageek/5094405942/
This is how enterprises handle data Our systems and databases are the cabinets and the unlabeled jars We do not tailor handling procedures to the data well We do not inform handlers about the data well Image courtesy of carrierdetect - http://www.flickr.com/photos/carrierdetect/3316432467/
We have implicit knowledge We have implicit knowledge of the data based on the system it comes from * “ If it came from that system, it must be this kind of data ” * This implicit knowledge informs our data handling procedures Image courtesy of scriptingnews - http://www.flickr.com/photos/scriptingnews/2627291590/
Transferring data moves that data from one context to anotherWhen data changes context, implicit knowledge is lostBad enough when the sharing is within the enterpriseFar worse when we share beyond our walls Image courtesy of dan4th - http://www.flickr.com/photos/dan4th/2402329882/
The authorization event is the end of the story to a security professional. But the authorization event is merely the beginning of the story to a privacy professional. What happens after authorization is the interesting bit from a privacy perspective. Image courtesy of davedugdale - http://www.flickr.com/photos/davedugdale/5099718716/
How should we handle the data?Are our obligations to the data met?What uses and disclosures were consented to?Answering these questions require context Image courtesy of Paul Bratcher Photography: http://www.flickr.com/photos/pdbratcher/4748616980/
Determining how to handle data requires the social layer of the enterprise to be informedPeople know how to evaluate context Image courtesy of tjdewey - http://www.flickr.com/photos/22416200@N05/5197320220/
Need to keep the social layer informed We don ’ t label our data.Any context information we have is stripped when data changes hands. This makes handling transferred data expensive and fraught with danger
Use data labels to protect privacy Make the implicit explicitDescribe context in human readable termsHelp the social layer make better data handling decisions http://www.flickr.com/photos/31818948@N07/3488770096/sizes/z/
Use data labels to protect privacy Richer context information for technical controls to useAssign accountability more accurately and fairlyWe call these data labels relationship context metadata
RCM is created when data is transferred * Intra-company transfers * Inter-company transfers * Individual to organizations transfers Each piece of RCM is called a bead and beads are attached to strings. A string adorns a set of data.
What to do if you find data in the wild The use of data labels can help companies track where their data flows. It can also be used when data flows out of the control of the originating organization. One could image instructions such as the following embedded in the RCM: “ Call Hemisphere Medical ’ s Data Protection office. Tell them you ’ ve discovered RCM number 8541-BOS-123001 ”“ Call the Massachusetts State Attorney General ’ s office at (617) 727-8400. Tell them you have found MA 201 CMR 17 information. ” Image courtesy of bill barber: http://www.flickr.com/photos/wdwbarber/4373658475/