CNI Fall 2015 Day 1

I’m at the fall meeting for the Coalition for Networked Information. For those who don’t know, CNI is a joint initiative of Educause and the Association of Research Libraries and was founded in 1990 to promote the use of digital information technology to advance scholarship and education. I was involved in the early days of CNI and I’m happy to have recently been appointed as a representative of Educause on the CNI Steering Committee.

Cliff Lynch is CNI’s Executive Director, and one of the highlights of the member meetings is his plenary address, where he generally surveys the landscape of digital information and pulls together interesting, intriguing, and sometimes troubling themes that he thinks are worth watching and working on.

In today’s plenary Cliff talked about the evolving landscape of federal mandates for public access to federally funded research results. It is only in 2016 that we will see the actual implementation of the plans the various federal agencies put forward to implement the directive that the Office of Science and Technology Policy put out in 2013. Cliff noted that the implementations of the multiple federal funding agencies are not coordinated, and that some of them are not in sync with existing practices at institutions, and there will be a lot of confusion.

Cliff also had some very interesting observations on the current set of issues surrounding security and privacy. He cited the recent IETF work on pervasive surveillance threat models, noting that if you can watch enough aggregate traffic patterns going to and from network locations you can infer a lot, even if you can’t see into the contents of encrypted traffic.  And with the possible emergence of quantum computing that may be able to break current encryption technologies, security and privacy become much more difficult. Looking at the recent string of data breaches at Sony, the Office of Personnel Management, and several universities, you have to start asking whether we are capable of keeping things secure over time.

He then moved on to discussing privacy issues, noting that all sorts of data is being collected on people’s activities in ways that can be creepy – e-texts that tattle on you, e-companions for children or the elderly that broadcast information. CNI held a workshop in the spring on this topic, and the general consensus was that people should be able to have a reasonable expectation of privacy in their online activities, and they should be informed about use of their data. It’s generally clear that we’re doing a horrible job at this. NISO just issued work on distilling some principles. In our campuses people have different impressions of what’s happening in authorization handoffs between institutions and publishers – it’s confused enough that CNI will be fostering some work to gather some facts about this.

The greatest area of innovation right now that Cliff sees is where technology gets combined with other things (the internet of things) – like drones, autonomous vehicles, machine learning, robotics, etc.  But there isn’t a lot of direct technical IT innovation happening, and what we’re seeing is a degree of planned obsolescence where we’re forced to spend lots of time and effort to upgrade software or hardware in ways that don’t get us any increased functionality or productivity. If that continues to be the case we’ll need to figure out how to “slow down the hamster  wheel.”

Finally Cliff closed by talking about the complexity of preservation in a world where information is presented in ways increasingly tailored to the individual. How do we document the evolution of experiences that are mediated by changing algorithms? And this is not just a preservation problem but an accountability issue, given the pervasive use of personalized algorithms in important functions like credit ratings.

 

 

 

Advertisement

[CSG Winter 08] Information Management Policy

Rodney Hill, Educause Professor Chun Wei Choo at Toronto – has a good definition of info management. The systematic, imaginative, and responsible management of information so that: * the creation and use of information contributes strategically to the organization’s goals * groups and individuals have efficient access to and make effective use of the information … Continue reading “[CSG Winter 08] Information Management Policy”

Rodney Hill, Educause

Professor Chun Wei Choo at Toronto – has a good definition of info management.

The systematic, imaginative, and responsible management of information so that:

* the creation and use of information contributes strategically to the organization’s goals

* groups and individuals have efficient access to and make effective use of the information they need to do their work and to develop themselves.

How many CSG schools have info management policies? Not many.

What is Information Management – informal survey of policies from the working group of the eudcause security task force:

Data retention; records retention schedules; e-discovery; data classification; tools for encryption.

Paul Hill, MIT

from a security consultant: most organizations don’t know all the locations where data resides – the problem seems to be getting worse in many cases. they concentrate on asking people about data they have that they shouldn’t have.

The Institute archivist – wants to preserve context along with content. Need to ensure appropriate destruction of non-permanent records in a timely manner.

Sponsored programs – want to get rid of excess data. Concerned about data that’s distributed on campus.

Researchers – need to preserve data for long term – example is the Framingham Heart Study that started in 1948 and is now in its third generation of participants. Data gets repurposed – eg. in 2003 went into that data to mine the social network graphs. There’s all sorts of metadata and workflow context that needs to preserved along with the data.

Enterprise architect – every project should be asked “why are you collecting this data?” and “what is the necessary lifetime of this data?”

Informal survey – we’re all over the map.

Length of preservation of DHCP logs? never, 2 weeks, all the way to multiple years.

Length of authentication logs? from 48 hrs up to seven years.

Nobody seems to have URLs for policies related to log file retention.

Educause is going to have a half-day workshop on developing electronic records policies in early May in Arlington.