Platt Perspective on Business and Technology

Building a startup for what you want it to become 38: moving past the initial startup phase 24

Posted in startups by Timothy Platt on June 17, 2019

This is my 38th installment to a series on building a business that can become an effective and even a leading participant in its industry and its business sector, and for its targeted marketplaces (see Startups and Early Stage Businesses and its Page 2 continuation, postings 186 and loosely following for Parts 1-37.)

I often refer to a business’ financials and its cash availability and flow as representing an equivalent to its life’s blood – vitally essential to its life and with any real interruptions in it quickly leading to business failure and even outright business death. And loss there, as traditionally documented in red ink, simply illustrates the general validity of this understanding as it has more generally been held by others too. Information and as both raw business and marketplace data and as processed actionable knowledge, can also be considered vitally essential to any business and on an equally ongoing and pressingly impactful basis. So if a business’ cash flow and related financials can be seen as being analogous to its blood supply, think of its information flow and availability, and access to accurate timely information at that, as being comparable to the air that that business would breathe if it were a living organism in a biological sense.

I have been addressing a set of risk management and related due diligence issues in recent installments to this series, that all directly involve the challenges of information development, use, storage and sharing, where business intelligence per se has become an increasingly valuable and sought-after marketable commodity in its own right. And the points of observation and conclusion that I have been raising and addressing here can only become more valid and more consequentially important:

• And both for their ranges of applicability within specific organizations
• And across all industries and business types that they would be included in,
• And for how their information management practices impact on the markets and the people who enter into them that those businesses ultimately all do business with.

I focused in the immediately preceding installment to this narrative progression: Part 37, on an increasingly pressing challenge that all information requiring businesses will come to face if they have not done so already.

• Legal requirements and restrictions as well as business ethics concerns, demand that personally identifiable and other sensitive information regarding customers and employees among others, that might cause harm to them if made openly publically available, must be protected.
• And I stress the importance of the ethical side to this imperative here, as a failure to safeguard sensitive, potentially risk-creating personal information can create marketing and image challenges for an inattentive business that can cost it financially and much longer-term than any regulatory agency-demanded monetary fine could. If a business comes to be seen in its target markets as being unreliable there and unsafe to do business with for its failures to safeguard information such as credit card numbers, potential customers who know of that failing will at the very least think twice before doing business with them and giving them those credit card numbers. And sales transactions with them are likely to slow down or stop as a consequence.
• Information, as noted above can be thought of as the air that a business breathes. And a failure to safeguard it, and a public awareness of that failure can become a noose around that business’ neck. But at the same time, businesses that seek to remain competitive find themselves in races to acquire and more effectively make use of seemingly ever-increasing volumes of this air: this all important information and both for more immediate transactional purposes as for example when developing effective customer relations and at point of sale events, and for their overall business planning and its execution.
• And that led me to a direct consideration of the challenge that I discussed in at least broad outline in Part 37 where the bigger and the more effectively, actionably organized and processed, big data becomes, the more of a mirage any attempt to anonymize individually sourced raw data that is included in it becomes.

I repeat and stress the above, both to allow for smoother continuity of narrative in this series and to make this posting more meaningful as a stand-alone narrative. And I also repeat, and I add expand on what I have already written of in this blog on this matter, because the challenge that I am raising and at least briefly addressing here is one of the most important ones that businesses are increasingly going to face and head-on, as this 21st century advances.

• Businesses increasingly face a conundrum here, from the conflicting needs they face to simultaneously wring as much possible descriptive and predictive value from the information that they hold as they possibly can,
• While at the same time limiting what can be inferred from it in understanding the people this data comes from, so as to explicitly protect their personal privacy and certainly as effective use of this information requires its sharing among wider ranges of potential stakeholders.

I offered a necessary part of any realistic resolution of this conundrum, when I noted the importance of actually checking to see how the progressively more inclusive big data systems in place in a business, might actually compromise any data anonymization and related risk minimization efforts that are also in place, through intentional effort made to “break” that anonymization as a risk management exercise. And that is certainly important for any business that initially develops those information resources, and certainly if any of their in-house developed and maintained data might go out of its doors, and either as marketable, profit generating commodities or as transactional data shared with supply chain or other partner businesses when carrying out specific sales transaction and related activities. But it also applies to acquiring businesses and certainly where they might intentionally or inadvertently further share this, and where their big data accumulation, aggregation and processing might further degrade any still-effective data source anonymization that was still in place from its various individual, more original sources.

I said at the end of that posting that I would turn here to more fully consider the three basic participant classes that enter into all of this, in light of the issues that I raise here:

• Data sourcing and providing businesses (which might or might not actually be data aggregating, developing and selling businesses as determined by their business models),
• Data acquiring and using businesses, and
• The original sources of all of this data with that ultimately coming to a large degree from individual consumers and customers.

I in fact begin this next step analysis here with businesses that explicitly gather in, aggregate, develop and sell individually sourced data as at least a key part of their business models, as explicitly cited in my anticipatory note as offered at the end of Part 37. And I do so at least in part with a goal of explaining why the white hat hacker approach to testing and validating any data anonymization system in place in a business, as touched upon in Part 37, cannot succeed, and certainly if it is employed as a stand-alone solution to this problem and not simply as one brick in a larger and more inclusive edifice. And I begin this with what has become the publically visible poster child if you will, for how not to behave as a business as far as personally sourced information is concerned: Facebook.

I begin that line of discussion by at least attempting to expose and perhaps explode what has become something of an overly simplistic and even toxic myth. When you look to the laws in place regarding personally identifiable, sensitive, risk-carrying information, and when you follow the ongoing public discussions as more commonly address this challenge, you essentially always see the same small set of data types showing up. And I of course, refer to social security numbers and related government-systems sourced personal identifiers, credit card numbers and the generally three digit security codes that also appear in conjunction with them, full names and addresses and phone numbers, etc, and precise healthcare and health status information to add in at least one general information category to this list. These data types, and categories are important and they do in fact represent genuine sources of risk and exposure vulnerability and both for identity theft and for direct monetary value theft and for other immediately impactful risk-creating reasons. But it is a mistake to focus essentially entirely on this smaller set of possible high value targets, for use and possible misuse. Ultimately the real risk can come from the cumulative amassing of vast and even seemingly open-ended amounts of individually sourced information that is in and of itself not sensitive and compromising but that holds a potential for collectively causing harm.

I only touch on one aspect of that possible and progressively more likely exposure problem in my here-continuing discussion of data anonymization through selective redaction, as begun in Part 37. And I only point beyond that to one small part of how such big data can be used for harmful purpose when I go beyond credit card number exposure and the like as more commonly considered, to make note of what Cambridge Analytica did in its efforts to subvert elections in the United States and elsewhere, beginning in 2013 (and also see Facebook and Cambridge Analytica: What You Need to Know as Fallout Widens.)

Facebook and its executive leadership have been called out on this, and more specifically for how their business practices in organizing, commoditizing and selling access to their members’ data made a Cambridge Analytica scandal both possible and even inevitable. But that is still only the now-visible tip of a much larger iceberg.

I am going to continue this discussion in a next series installment where I will, among other things discuss how Facebook incentivizes large, and even vast numbers of small businesses to use their platform for any online connectivity with their customers that they might enter into, in effect forcing those business’ customers to join Facebook if they need to online connect with these small business members. I will also discuss how Facebook sells information, and the impact of this on businesses that buy rights to it, and that buy advertising space on Facebook member pages that they target as members of specific market audiences based on this data. This will, among other things mean my specifically addressing the opportunities and challenges that startups and other newer businesses face as they make their due diligence, participate or not decisions here. And I will, of course, discuss the impact of all of this on individual Facebook members as they share more and more and more of their information through the site and with all of that going into Facebook’s marketable and sellable databases.

Facebook is currently, as of this writing, rolling out a new site design that is supposedly more privacy oriented and protective and that would be freed from at least a significant amount of the paying business sourced and other “friend”-deluge that floods most individual Facebook user’s pages now, drowning out any shared content that they might wish to see from people who they actually know. I will discuss their new website design roll-out too, where bottom line, data and member data in particular is still going to be Facebook’s most valuable marketable product and the most important source of revenue that they have too, and with its accumulation and sale still held as a central feature of their still ongoing business model from before.

Meanwhile, you can find this and related material at my Startups and Early Stage Businesses directory and at its Page 2 continuation.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: