Governance – where to draw the line?

Back in the days of the wild, wild, west, gun fighters and bank robbers ran amok. Gentle folk were afraid for the lives and street brawls were commonplace. Okay, it was exciting, but reputable companies – I mean folks – stayed in the big cities and left the frontier towns to the lawless.

Aw shucks, it’s another metaphor.

The good thing about all those gunslingers and rot gut whiskey drinkers was they opened up opportunities. It was their all round recklessness that pushed the boundaries. But before these new opportunities could be truly capitalised on, somebody had to impose order.

Enter the sheriff…

The sheriff slung the drunks in jail and ran the gunslingers out of town. Sheriffs were also pretty handy with guns themselves. Not a few gunslingers were hired by towns to police their streets and gun down the ‘bad guys’. In fact, apart from the presence of the sheriff’s 5-pointed star, very little differentiated the law man from the lawless.

So, when you’re policing the streets, where do you draw the line? Okay, we’re ditching the metaphor now.

In terms of rolling out the concept of digital governance to wider audiences, I’ve chosen legislation and regulation as my entry point*. This is because, in lawful societies, the risk of legal penalty is a sufficient deterrent (particularly if you’re a big company with a lot to lose). It’s also something that attracts the attention of the board room, which, sorry, content per se does not

*I started to group together some of the more pertanent rules and regs in my previous post

But when you seriously consider what could impact on the correct governance and risk mitigation of digital content, you begin widening your scope – quite considerably.

For example, culture secretary, Jeremy Hunt, plans to publish a Green Paper setting out the scope of a new communications act by the end of this year. If you think this is just about hacking and tabloids, think again – and read the below…

Hunt gave a few clues as to areas on which he may focus, but appeared to indicate that one may be regulation of programming content on the internet.

Under the current EU Audiovisual Media Services Directive, “TV like” services, such as the BBC iPlayer, are subject to regulation. However, the level of regulation is less than that imposed upon traditional TV channels.

“Whether we are watching a broadcast live or through catchup TV services, via a TV or a computer, it is the content that matters, rather than the delivery mechanism,” said Hunt. “So should it be the case that the method of delivery has a significant impact on the method of regulation? Or should we be looking at a more platform-neutral approach?”

Source: http://www.guardian.co.uk/media/2011/jan/19/jeremy-hunt-communications-act

There’s data protection and eprivacy and the implications of the European Data Protection Framework (EDPF) Review (don’t ask me, I’m new here) and the Digital Economies Act; some might say the latter was rushed legislation aimed at pirate downloaders and which now seems to be languishing somewhere in Brussels. PRS for Music, which brings together the two royalty collection societies MCPS and PRS, is also looking at the whole area internet piracy and controlling copyright online.

Plus:

  • The EUs general concerns and overall remit around data protection and how personal data is used.
  • The ongoing digital implications for copyright and its infringement including ideas floated by the Hargreaves Review.
  • The impact of changes to internet protocols.

Then there’s the whole area of cyber security , the Government’s plans for a cyber security strategy, the implications of the Home Affairs Committee inquiry following last year’s riots, a warning from head of GCHQ’s about a ‘disturbing’ level of cyber attacks, as well as high-profile security breaches involving big names such as PlayStation and Google.

It’s not that organisations and governments are not increasingly on their toes when it comes to critical issues such as hacking and data protection. As early as its 2008-2009 report, the UK’s Intelligence and Security Committee raised concerns about the potential threat posed by cuber crime, not only to the UK government,  but also ‘critical national infrastructure and commercial companies’.

We therefore welcome the fact that this threat has been recognised and that cyber security is now listed as a Tier One national security risk. The new funding that has been made available, as part of the SDSR (Strategic Defence and Security Review), to fund cyber security work is a significant step forward.

Source: 2010–2011 Annual Report, Intelligence and Security Committee

All fine and dandy. But its the next bit of their latest report which attracts my interest…

Whilst the priority and funding are to be welcomed, structural issues continue to cause us concern. We have noted 18 units with particular responsibilities in this field across the three Agencies, two law enforcement bodies and five government departments. Between them they cover policy, management, intelligence operations, protective advice, detection and analysis, with some focused on crime, some on hostile activity from overseas, some on Counter-Terrorism and others covering all three. This risks duplication and confusion and cannot be cost-effective. We therefore recommend that work be done to rationalise the existing structures.

Source: 2010–2011 Annual Report, Intelligence and Security Committee

Some 18 different agencies all getting their head around cyber security. Cooks? Broth? Anybody?

I think there is a real danger that as the digital wild west becomes the tamed west that we could end up in a situation where the streets are populated by too many sherif’s, firing off their six guns for offences no more horrendous than jaywalking. I’ve read the phrase ‘governing the internet’ more than once and frankly it worries me. Didn’t Canute try something similar?

But it’s not all bad news…

After the gun  and the guns for hire, and the early day sheriffs who relied on their quick draw, there came judiciary and laws than formalised the processes for identifying bad from good and exacting appropriate penalties. That’s where I think we now need to go with digital governance.

Those of us involved in content, its creation and implementation are ideally placed to step into and exert our  influence in this area. I used the word ‘influence’ rather than, say, ‘control’, after careful thought. Think traffic police rather than Big Brother. It’s all about enabling the flow of communication while mitigating the risk of pile ups.

We already act as the linchpin for a whole range of disciplines. The image below was created by Richard Ingram and is one of many of his stunning visualisations that go towards explaining our turnkey positioning.

• We already have, and continuing to improve, a range of tools and methodologies that allow us to guide clients in project choice, rationale, implications and implementation.

• This is alongside the deploying of the actual content itself across an increasing array of channels and delivery mechanisms.

• To this array of tools and services we ‘simply’ need to  add governance tools and methodologies, such as a suitable content risk matrix that will allow us to identify the more important issues that clients need to address – and mitigate.

I’m going to show you what that content risk matrix might look like in my next blog.