Data is Risky Business: What Business R U In?

15-SEPCOL03OBRIEN-edTrust is the opposite of risk. Risk is the effect of uncertainty on objectives. Trust is the presence of certainty. The various things we do in Data Governance and Information Quality to tame data are usually driven by an absence of trust, or the fallout from misplaced trust. When was the last time you reworked a report because you trusted the other person’s numbers? When was the last time you complained to a regulator because someone did exactly what they told you they would do with your data?

Oh, Shaka. When the walls fell! The true nerds among you will recognize that as a line from a classic Star Trek: The Next Generation episode where Picard was stranded on a planet with an alien who he had to learn to communicate with and trust. Picard’s “frenemy” spoke only in metaphors that were rooted in his culture and history. This is not dissimilar to the challenges we face when trying to get different parts of our organizations to communicate effectively about data and how it is used or should be used so that we can get to the point of being able to trust information when it is linked together. For example, one client I’ve worked with required a value for “income” for a person to be provided to them by a third party. However, the methods for defining and calculating “income” were different in the sending organization, leading to errors in processing at the receiving organization.

Without effective internal communication about the meaning and purpose of data, it’s very hard to develop a foundation of trust for data in the organization. This leads to the proliferation of data silos, hidden information factories, and fragmented data lakes abound in most organizations. However, internal communication is only one part of the jigsaw puzzle.

Effective external communication is also key, particularly when an organization is seeking to implement a new technology or a new way of engaging with their customers or external stakeholders. Fail to develop and build trust and you will inevitably generate an equal and opposite level of push back to the initiative. It’s the basic physics of change management. Failing to engage in a manner that engenders and is supportive of trust and the perception of trustworthiness can also affect the acceptance of the steps you take in response to a questioning or criticism of your proposed process or processing.

For an example of this, just look at the fall out in Ireland due to the scope creep implementation of an identity card for public sector services. The cognitive dissonance caused by a Government Minister declaring that the card was not a national identity card because it was “not mandatory” but it was “compulsory” in her department and a number of others drew significant attention to the potential legality or otherwise of the scheme, and also the security of the card and the underlying database that is integrating data about citizens from a number of traditionally disparate sources. The trust in the system has been significantly dented, and the Data Protection Commissioner (the Irish data privacy regulator) has written again to one of the government departments leading the roll out of this card to request clarification on the legal basis for its expansion in use.

So, you might be working in a telecommunications business doing data governance work, but you are actually working to improve communications about and with data. You are doing that to improve trust.

You are in the trust business.

Share this post

Daragh O Brien

Daragh O Brien

Daragh is the Founder and Managing Director of Castlebridge, a leading Information Governance, Privacy, and Strategy consultancy based in Ireland. He has a degree in Business & Legal Studies from University College Dublin, and is a Fellow of the Irish Computer Society. Prior to founding Castlebridge, Daragh worked for over a decade for a leading Irish telecommunications company in roles as diverse as Call Centre operations, Single View of Customer Programme management, and Regulatory Compliance and Governance. He a regular presenter and trainer at conferences in the UK and worldwide. Apart from his consulting and education work, Daragh is also Data Privacy Officer for DAMA International, a faculty member at the Law Society of Ireland, and a contributing research partner to the Adapt Centre in Trinity College Dublin. He lives in Wexford in the South East of Ireland and can be reached at or on twitter: @daraghobrien. In 2016, he was ranked by Onalytica as the 24th most influential person on Twitter in Information Security (including Data Governance and Data Privacy).

scroll to top
We use technologies such as cookies to understand how you use our site and to provide a better user experience. This includes personalizing content, using analytics and improving site operations. We may share your information about your use of our site with third parties in accordance with our Privacy Policy. You can change your cookie settings as described here at any time, but parts of our site may not function correctly without them. By continuing to use our site, you agree that we can save cookies on your device, unless you have disabled cookies.
I Accept