LAS VEGAS -- Treat metadata skeptically, or it can lead to unexpected risks to corporations, warned the keynote speaker at the Black Hat conference.
Because metadata grabs pieces of larger bodies of information and categorizes them, the metadata representation can give an incomplete or false representation of what the larger body actually contains, said Ian Angell, professor of information systems at the London School of Economics.
"Databases and categorization introduces uncertainty," Angell said, "and that becomes risk, and that leads to future risk. If you place your faith in computer systems, it's asking for disaster."
Angell used an anecdote to provide a light illustration of what he means about incomplete data causing troubles: The head of a prep school sent out a letter about the school's annual fees, but he misspelled annual as “annual." The spell-checker substituted "anal" for "annual," which prompted one parent to reply that he was impressed by the new name for the fees because previously he'd only been asked to pay through the nose.
The lesson, Angell said, is that people are coming to accept blindly what they are told by computer systems that have crunched data without putting the data in context -- as only humans can. "All data is context sensitive," he said. "Facts are like sacks and won't stand up unless you put something into them."
Reliance on computer systems creates technology bureaucracies that can produce the same bad results as traditional paper-based bureaucracies, Angell said. He told the story of a British man jailed for three days because he violated a court order to have no contact with his recently divorced wife. It turned out the "contact" was an e-mail generated by a social-networking site he had joined that automatically sent notification of his membership to all the addresses in his e-mail address book, which included his wife's address.
E-mail at work is a source of potential trouble for workers because of a convergence of technology bureaucracy and the de-categorization caused by databases. E-mails can represent a step in how a decision was made, but not paint the entire picture, Angell said.
Angell advises his business students to make sure their e-mail communications about important work projects are explicit, he said. "Use e-mail as a defensive weapon," he said. "Make all agreements conditional. I advise an audit trail for e-mails that makes sure the buck doesn't stop with you. That's what others are doing."
The lack of context promoted by databases leads to profiling that doesn't necessarily represent a person, Angell said. He cited the case of an acquaintance who ordered a DVD rental of a movie that involved a bisexual character and afterwards received promotions for DVDs of gay movies. He ordered a string of heterosexual erotic films to counterbalance his profile, Angell said.
To avoid this type of problem stemming from the monitoring of individuals' Internet activity, Angell recommended installing personal Web crawlers that randomly access Web sites when the browser isn't being used. He likened that to acquiring samples of human blood and tissue from hospital laboratories and sprinkling them around crime scenes to mask DNA traces left by the actual criminals.
Rss FeedRss Feed
The Leader in Network Knowledge
Comment