Making sense of Dark Data

By: Sonny Zulhuda

BIG-DATAWhile big data is by now a commonly heard term, dark data is not. Some participants in the recently-held Singapore Symposium whispered to me that they had never heard about the term – so you can say they were in dark about Dark Data.

The term is new to me as well! Except that I have had a little earlier opportunity than those guys to read about it and to finally make sense of it.

It all rooted from the fact that we have had an abundance of data around us, and how much those abundant data are capable of being sourced as information. Yes, it is about Big Data. As we know, Big Data is about quantifying everything possible to be a data. A person’s identity is no longer depending on what is printed on documents (ID, passport, certificates) about him. A person is now identifiable from his mumbling words, his movement, his location, his mood and even the pattern of what he will do every day. All those data are being quantified and measured due to their availability from myriads of media, devices, and interactions (both human and artificial). What makes it possible? You name it: Mobile gadgets, Social media, CCTVs and commercial transactions you have been making, to name a few.

In organisational life, the same is happening. More and more data are collected and stored by organisations, manually and electronically. Data of employees (and their mumbling words, movements, location, mood, etc.), of visitors, of business transactions, of internal meetings, of vendor’s works, of all reports, records and repositories, etc. are increasingly collected, stored…. but not necessarily used. In many occasions those data are no longer usable after their first collection, and yet they still fill up the organisation’s storage (recent research indicates that these unusable data may stack up to 70% of oganisations’ data).

Those are dark data. Untapped, untagged and sometimes unknown data.

Now is this: the fact that they remain unused does not mean they are valueless. You can run this simple test: Should you dump all these data to your competitor or any third party, would there be a loss to suffer? What about a competitive loss, breach of secrets, infringement of privacy, reputation loss, legal liability? If yes, then such Dark Data should be urgently managed.

That is the first message that I delivered in my 1-hour talk in Singapore yesterday.

Information Governance and Dark Data Management

By: Sonny Zulhuda

Next week on 7th July 2015. Carlton Hotel, Singapore. The event’s name is Innoxcell Asia Symposium 2015 on Legal Risk, Compliance, e-Discovery, Financial Crime, Corporate Governance and Data Privacy.

I will be speaking on one compelling issue concerning the information governance, namely dark data management.

Dark Data (credit: http://www.cio.in)

Dark Data (credit: http://www.cio.in)

Techopedia defines “dark data” as “a type of unstructured, untagged and untapped data that is found in data repositories and has not been analyzed or processed. It is similar to big data but differs in how it is mostly neglected by business and IT administrators in terms of its value.”

Dark data is operational data that is not being used. Consulting and market research company Gartner Inc. describes dark data as “information assets that organizations collect, process and store in the course of their regular business activity, but generally fail to use for other purposes.” (Citation from TechTarget).

It was reported in Forbes that these class of data, similar to dark matter in physics, cannot be seen directly, yet it is the bulk of the organizational universe.

The background of this talk is the fact that the amount of operational information —both structured and unstructured— that companies create and store are drastically increasing due to digitisation and mobility. Dark data management emerged as another challenge for corporate information governance. Under the increasing pressure from new regulatory regime and consumer expectation, corporate data must be well managed if companies wish to survive in today’s information age.

In this session I will explore the nature of corporate information legal risks in the context the Big Data and offers insights on information governance to transform data from a liability into an asset.

For more on the event: Innoxcell Asia Symposium 2015 on Legal Risk, Compliance, e-Discovery, Financial Crime, Corporate Governance and Data Privacy. Will be speaking alongside prominent international speakers, who can be retrieved from here.

Privacy Impact Assessment (PIA) – In the Light of the Data Protection Law in Malaysia

By: Sonny Zulhuda

ImageLast time In May ’12, I was invited by the Federation of Public Listed Companies (FPLC) and the Malaysian Institute of Corporate Governance (MICG) to speak in their National Conference on IT Governance, Data Protection and Cyber Security.

I chose to speak about the importance of the Privacy Impact Assessment (PIA) as an implementing tool for complying with the data management rules and obligations under the law. The exact title of my presentation was “Privacy Impact Assessment for a Better Corporate Governance: The New Legal Landscape in Managing Corporate Data Assets.”

In fact, this was the first time I spoke about it. I just felt that people especially the corporate citizens need to be told in a more practical way on why and how they should comply with the laws on personal data management, i.e. the Personal Data Protection Act 2010 as far as Malaysia is concerned.

The PDPA itself is, of course, silent about this PIA. But that does not mean having or executing a PIA would be useless. PIA is indeed a very helpful organisational tool to ensure compliance with the law on data protection. Malaysian law is not excepted. Continue reading

Stopping Data Theft through the Back Door: Shifting the Duty to the Boardroom?

By: Sonny Zulhuda

The following is the abstract of the paper I presented (in a poster) at the recent 7th Asian Law Institute (ASLI) Conference at the International Islamic University Malaysia, 25-26 May 2010.

“In the information economy that relies heavily on the sustainability of information technology and the availability of data for business, data theft is equal to a catastrophe that causes massive losses to organisations. Authorities and technologists have put in place myriad of criminal laws and security tools to address this issue, only to see that the incidents of data theft become more rampant. The complications is because data theft involves a range of security issues, ranging from flawed physical control to a weak personal data management, from a single mistake of people on data processing, to a collective negligence of decision makers in the boardroom.

“In the context of corporation, the idea of holding the management board responsible is now increasingly attractive due to the fact that the victims of data theft would see a better chance of getting compensation. This is a rising trend on the law on data theft where certain duties are imposed on the management board of the companies.

“The law, as appears in some jurisdictions such as the US and the UK, obliges the board to exercise certain level of due diligence in managing data asset in the company. Besides, new laws impose duty on the companies to disclose or quickly notify threat or actual attack of data theft that occurs and potentially affects their clients, partners, customers or anyone who happen to be their data subjects. This paper reckons that in shifting some duties to the companies, the incidents of data theft can be better prevented. It argues that it is a good move for other countries like Malaysia to emulate such legal development.”

Privacy Policy in Corporate Practices

By: Sonny Zulhuda

Today my MBA students presented their assessment on privacy policy. This is a practical session for them to see how the principles of personal data protection are being put in in real life corporate conduct. They form a group and choose company of their own in order to look at their privacy policy as stated in their official websites.

The session was very informative and interactive, in which students were to highlight in summary what those companies do in general and what they do with personal information. Then they presented their assessment, examining how good the privacy policy is prescribed, and how well it is compliant with the principles of personal data protection law.

Among the interesting findings that they presented were: Continue reading

Isu-isu Keselamatan dan ‘Privacy’ dalam Penggunaan E-mail di Premis Kerja

Oleh: Sonny Zulhuda

Saat ini e-mail telah menjadi media komunikasi yang makin popular baik untuk konteks komunikasi personal maupun untuk komunikasi rasmi dan urusan berbisnis. Hal ini disebabkan oleh semakin pesatnya kemajuan teknologi komunikasi dan maklumat menerusi Internet yang telahpun dipakai oleh hampir semua bidang industri dan sektor kerajaan di Malaysia. Hal ini pula merupakan konsekuensi dari perkembangan aplikasi e-government bagi bidang awam dan kerajaan, serta e-commerce bagi sektor industri dan swasta.

Continue reading

Managing Online Risks through Contractual Instruments

By: Sonny Zulhuda

By transforming to the workplace environment that uses the Internet and other devices of information and communications technology (ICT) as the enabler in running their businesses, organizations are exposed to potential risks out of the abuse and misuse of the said technology by internal employees and any strangers outside the company alike. Such misuse can take the form of security breaches, theft of company’s informational assets, lost productivity, wasted computer resources, electronic viral infections, business interruption and public embarrassment should a workplace lawsuit be filed.

While lots are done for preventing external hackers from jeopardizing internal network and information system, risks from internal sources are often overlooked by most companies. In fact, the threats exposed by these ‘internal saboteurs’ may be as great as the external intruders, and therefore may be as harmful as the external sources of threats.

Continue reading

  • June 2017
    M T W T F S S
    « May    
     1234
    567891011
    12131415161718
    19202122232425
    2627282930  
  • Visitor

    free counters

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,573 other followers