Tuesday, August 20, 2013

The Coffee Shop–The New Source of Privacy Leaks

I was in a coffee shop this morning where I couldn’t help but overhear a very loud conversation taking place. 

It was a strategy planning session for Alberta Health Services and ironically, the strategy session was about protecting privacy.  Names were named, email addresses and phone numbers were tossed around, different people’s positions were discussed, ways to bypass “difficult people” were evaluated, strategies to secure capital in a time of austerity were discussed, etc.

It was probably a conversation that I shouldn’t have heard and I won’t share details of it nor did I take notes.

However, it is not the first Alberta Health Services conversation I have heard in a public place.  I remember overhearing a nurse last year who proudly pointed out to a coffee colleague that she only looks up private patient information on behalf of people that she can trust and in a specific way so that no one else finds out she is doing it.

The only problem is that if you really want to keep a secret you don’t tell anyone – especially in a public place. :-)

I’m not picking on Alberta Health Services. 

I have overheard accountants discussing a company’s financial position in public (without the owners being present), lawyers planning their defense for murder, DUI cases and other litigation matters, politicians discussing strategy, senior politicians who left confidential or classified briefing notes on their table while they went to the restroom, confidential employee reviews, married lovers planning adulterous rendezvous, businessmen preparing for hostile takeovers, etc.

And then there is the less impactful but potentially problematic “Are you ready for me to read my credit card # to you?  It is ….. and the expiry date is …… and the name on the card is …..”.

I have been approached by lawyers and businessmen who, upon realizing that they were overheard, approached me and demanded I sign an NDA, which I have refused (although I have told a few of those folks that if they worked for me, they would have been fired immediately for indiscriminately sharing confidential information).

And I interrupted a potential terrorist who was writing a pro-Jihad presentation.  I wrote about this event in The Power of Trusting Your Instinct.

Protecting privacy used to be a source of humor

Back in the late 60s, we used to laugh at the character of Maxwell Smart in the TV Series “Get Smart” when he would insist upon using the Cone of Silence to protect the privacy of sensitive conversations.

But in the modern era, privacy is not a laughing matter.  We get up in arms about the NSA, Facebook and other groups snooping in our emails, social media interactions and phone calls while we freely share information that we shouldn’t (especially regarding our children) and we speak loudly in public places when we probably should wait for a more private moment. 

We log onto public Wi-Fi and conduct sensitive transactions despite the number of products out there that have been demonstrated to be able to read our online interactions no matter how secure those interactions are according to software vendors.

And yet we cry foul when someone else contravenes our privacy.

Protection of our privacy, whether personal or professional, is not only a matter for other organizations, private, public, judicial or legislative to take care of.

It is something we need to play a bigger role in ourselves.

Otherwise, it doesn’t matter what groups like the NSA or Facebook do – we’ve given it all away anyway.

Most of us who overhear or see that which we shouldn’t are trustworthy and will do nothing with the incessant flow of sensitive information that comes in our direction.

Unfortunately, the same cannot be said for all members of the human species.

Do you really want to take the risk of not knowing who is in the room taking notes?

I didn’t think so.

In service and servanthood,

Harry

PS Bad news, ██████████. You are about to be fired from ██████████ in Calgary.  HR and corporate legal just wrapped up their meeting at the table beside me and will tell you on Friday.  I Googled your name and found you in LinkedIn, Twitter and Facebook but it’s not my place to tell you.

Or is it – you appear to be a nice family guy from what you have shared publicly.  The GPS coords on the photos of your family are a nice touch also … if someone wanted to violate the personal space of your family.  Hmmmm … maybe you’re not so smart after all.


Addendum – August 20, 2013

I wrote about the same subject back in February of 2012 in the blog post Privacy and the Real Weakest Link, highlighting some of my concerns then. While not trying to be redundant, I think it is a subject that is worthy of revisiting once in a while until organizations and the people who represent them get their act together when it comes to privacy. 

What is curious to me as I revisit that blog entry is that it mentioned two social workers who were openly discussing (with some level of disgust) their current cases (with names).  I wonder if they were associated with Alberta Health Services also.  I hope note.

I also noticed that I was in a coffee shop when I wrote that blog also.  Before anyone asks, the answer is “No – I don’t live in or own a coffee shop”. :-)


Addendum – No One Cares - April 15, 2014

As news broke today of over $1 Billion in spending within AHS via sole-sourced contracts (in some cases in violation of its own rules) I reviewed some email exchanges I had with AHS staff where I described the things I noted in this blog post and other posts

For the different interactions, people thanked me for the emails (proving they received them) but they never seemed to care nor did they ever bother asking for details.

I wonder what it will take to make them care.


No comments:

Post a Comment