Compliance

After attending the BCS IS Security Group meeting yesterday, I began to think about how small (or more accurately, medium) companies might deal with the additional compliance actions required of the GDPR. There would seem to be two design patterns: a golden source, or an all-knowing switch. The first pattern led me to consider the SaaS solutions, which should be used to dealing with suspects, prospects and customers (CRM), and also any employees that might be employed, with the ERP solution catering for personal data located in the supply chain. Over the years I have been made aware of Sugar CRM & OpenBravo (ERP); more recently I have looked at the Financial Services KYC problem, and been pointed at kyc.com, an enhanced CRM system designed for the financial services industry. The gap is an industry-leading HR system, and it will surprise none of my long-term friends and colleagues that I think we can assume that fault is in the buying community, where the priority would seem to be recruitment and applicant tracking although, of course, payroll was the first SaaS offering by an order of decades.


Focus

Over the weekend, a spat broke out between Jon Lansman, veteran leftist, and Tom Watson MP. This Twitter exchange pretty much summarises it.

Actually this was started because comments Lansman made to a private meeting were leaked to the press via video and blown up into a new conspiracy.

What I want to add, starting from Watson’s tweet, is that I believe it’s the so-called moderates that are destroying the party as an electoral force. The focus on the personality of the Leader and the evidence-free proposition that we just need to knock on a few or even many more doors and we can win is wrong.

There are central political questions that need to be answered or Labour will follow the Greek PASOK, the Dutch PvdA, the French PS and its own example in Scotland.


Faerûn

I returned to NWN2 last night; I should probably take notice of the fact that I find it so hard to return to. The fights are so hard … This can be fixed … I think.

But the BioWare forums have finally gone for ever.


Privacy Law

Here’s an interesting review of the UK’s DP Act and the likely implications of the GDPR/Brexit. The author identifies that the Commission has launched an infraction investigation into the UK’s implementation of the Data Protection Directive; they identify some of the weaknesses and report that, despite issuing several freedom of information requests, the infractions identified by the Commission are secret.

It is suggested that the UK Government will use the Restrictions Article powers to reduce the impact of the GDPR and in doing so may jeopardise the UK’s attempts to obtain an adequacy ruling. I think they’re a bit excitable since UK firms and foreign owned multi-nationals will be able to use model clauses and binding corporate commitments to trade with the EU even without an adequacy ruling, although some firms may choose to relocate, most easily to Dublin.

The article also talks about two court cases which have expanded citizen protection under the DPA using reference to the Directive and the CJEU rulings. After Brexit, the opinions of the CJEU are likely to be irrelevant,


Adequacy

I am looking at the GDPR, and considering the issue that post-Brexit, the UK will probably have to seek an “adequacy ruling” to allow IT services trade and trade dependent on cross border IT between the UK & the EU to continue. If we adopt the GDPR as part of the so-called “Great Repeal Bill”, then there should be no problem. In the unlikely event that the fUK-EW legislates for greater data subject privacy then the EU may object because it breaks their single market rules; all jurisdictions must treat entities and citizens of the EU equally, whereas if we were to weaken the privacy provisions then the Commission would deny us an adequacy ruling. Today’s insight is that it works both ways.


Obvious

I have just had my electricity meter upgraded so they won’t have to visit it to read it any more and the plan is that I can monitor my electricity use in real time! This would be like the car displays that tell you your MPG and thus not very useful. They are both things that you can do nothing about.

However, the data transport between the meter and the consumer monitor is Bluetooth, a technology with a common range of 10m, or 13 yards or paces. The link also requires a line of sight between the two devices. Someone took this decision, despite the fact that every meter they ever install has a cable running into the delivery site. They could equally have used the phone connection required for remote monitoring and billing.

I should think this choice makes the technology’s use impossible in every block of flats in the country and possibly even in many large houses.

Someone or several people chose to do this! 


Control

Earlier this week, a Councillor in Exeter crossed the floor, joining the Greens citing policy disagreements and secrecy within the Labour Group. At Labour’s last conference, it was agreed through rule changes to increase the disciplinary powers of Labour Groups, and now we see in Lewisham that one of the cabinet members (Paul Maslin) has complained to the Head of Legal about Alan Hall being in breach of the Council’s rules of treating other Councillors with respect in conversation/debate about the Millwall CPO. When researching another blog article and preparing for the Deptford Party GC meeting, I discovered that Labour Group meetings are private and that the result of the vote against the CPO by the overwhelming majority of Labour Councillors couldn’t be discussed outside the meeting.

I find this all very worrying. No matter the size of the majority, it’s crucial that the affairs of Labour Groups are conducted with the maximum of financial transparency. When large majorities exist, it is more important, as the only scrutiny that exists against the Council leadership is within the Labour Group (and the auditors appointed by DCLG). Councillors should be accountable to the Party and to voters; the Group’s internal processes must be open. It’s a weakness that until recently, the tithe levied on Councillors is the most significant income to Labour Parties, so not only do Councillors have significant control through their legitimate political support, they have also controlled the funding. (The funding has not been fixed since LP HQ has trousered all the additional income from the new members, which is one reason I am arguing for a change in the distribution scheme.)

One man management systems such as executive Mayors and now PCCs are dangerous and unstable in terms of accountability. The most elementary financial control system is that expense requires the agreement of two people and that the decisions are reviewed by a third party. Furthermore it’s necessary to protect against corruption, incompetence and cover-ups. Another common control used in the private sector is mandatory leave, i.e. that staff have to take at least one two week leave of absence. There is no equivalent in the bodies led by executive mayors. The lack of good faith inherent in the design of the Executive Mayor makes it impossible to control or recall except through election; initially the Labour Party placed a two term limit on these posts, but that was removed and in London we have seen borough mayors in power for decades.

We need better transparency for the affairs of Labour Groups and if we keep the Executive Mayors, must reinstate the term limits, in Law if we form a Government. If you want to help in Lewisham, come to the Unite meeting in the town hall at the end of the month.


Parliament Act

The House of Lords have inflicted two defeats on the Government’s Article 50 Bill, one requiring the Govt. to recognise the rights of EU citizen residents in the UK, and the second mandating that Parliament have a meaningful vote after the negotiations are complete. The Government plan to reverse these measures in the Commons, in which one assumes they will succeed, although 12 Tories voted with the Lords majority, so some more Tory MPs may gather courage. Even if the Commons reaffirms its will as already stated, if the Lords stand firm, the Bill falls and will have to be re-introduced (and passed) in the next parliamentary session. The timetable, if not the whole project, would be fucked.
