For those reading this after seeing the highlights in the Syzygy 3 April Newsletter, welcome. For those finding us directly, welcome as well.
The interview below evolved from the Epsilon data breach. If you don't know about the breach (pretty sure you've received an e-mail talking about it) or need a refresher, read this article:
If you're into social media in any way, you should know Ragy Thomas. Founder and CEO of Sprinklr - an enterprise social media platform (aka social CRM) - Ragy has been aggressively leveraging his expertise to help some of the world's largest companies profit from the exploding social media environment. Sprinklr was Ragy's brainchild after his stint as president of Epsilon's Interactive Services Group, and it's this diverse experience that brings him to our first interview (that and we've known Ragy for years now - name dropping).
Ragy's been away from Epsilon a long time (in tech years), so he didn't want to speak to specifics of the Epsilon data breach, but does see a lesson for all outsource firms housing consumer data, and he thinks it highlights the primary differences between non-social and social marketing.
Syzygy 3: So, how'd you hear about the breach and what was your initial reaction?
Ragy: Heard it on the news like everyone. It's the unthinkable. It's what you never want to find out about your company.
Syzygy 3: What's this say about data security?
Ragy: It's a reminder how seriously everyone has to take security. To be secure you have to make security everyone's business. From the client, the business, the IT admin, the receptionist. It underscores the need to have good security practices across the organization as a whole. We're so used to public data streams now and that raises the risk of security issues like this.
Syzygy 3: Do you think it will negatively impact the outsourced marketing and social media firms?
Ragy: No. I don't think it will hurt social media vendors much. The primary difference between email and social media data is that - social media deals with public information, for the most part. E-mail is private information, at least as far as the consumer is concerned. Reading your email is a private experience and consumers choose who they would like to reveal their email addresses to. Social media is public information and consumers expect the data to be out on the internet when they post to Twitter or a company's fan page on Facebook. That said, when you're dealing with consumer data in any form, security has to be an important consideration.
Social media is moving so fast that we're learning while in motion. The best practices are still evolving. No better way to learn than to make mistakes. The next generation or generation after that will have standards that we're trying to build now.
Syzygy 3: Do you think there will be legal repercussions, either from people whose data was stolen or Epsilon's clients?
Ragy: I can't speak to Epsilon directly, but I will say the outcome of the Epsilon investigation will set a precendent for the industry. So all eyes are on this.
This is a follow up to yesterday's post regarding the Justice Department's opposition to the extension of privacy protections to cloud and mobile services. It's a well-worn government argument - requiring warrants to access the data would overwhelm the court system and make it more difficult to protect the country. And while I'm not disinclined to assisting the government in protection of the country, also not ready to disavow my legal right to keep my information private. I'm not planning any nefariousness, but the way data is intermingled now (see Epsilon), my legal, benign information could easily be co-mingled with some underworld evil doer. Should the government get my details without proving they need it?
As we said yesterday, Obama is now in the tricky position of having to govern while being reminded of promises he made campaigning. Here's an interesting take on the situation.
I'm all about protecting the country and catching the bad guys. I don't like people who do or want to do bad things. And if they're using electronic communications to do it, then I want law enforcement to know about it.
But there is a limit. I'm still uncomfortable with the warrantless wiretapping the feds can conduct (which, despite his criticism, President Obama hasn't ended; shows the difference between campaigning and governing). Now, they want access to electronic data without securing a warrant. I know we've said the Internet is the most dangerous place in the world right; still doesn't excuse the government from respecting some of the rights of all citizens. And while the Constitution does not expressly grant a right of privacy, the courts have established one. Shouldn't be lightly dismissed under the guise of national security.
What say you?