Learning to be intelligent about artificial intelligence

This week promises to be a huge one in the world of Artificial Intelligence (AI). I should caveat that in that almost every week includes a barrage of news about AI. And, depending which articles you read, AI is either going to:

  • Take away all our jobs or create exciting new jobs.
  • Solve global issues like climate change or hasten climate change through massive data centre power and water requirements.
  • Lead to the demise of society as we know it or create a new utopia.

A week of high profile AI events

So, why is this week so special?

  1. First of all, the G7 nations have agreed a set of Guiding Principles and a Code of Conduct on AI. This has been lauded by the European Commission as complementing the legally binding rules that the EU co-legislators are currently finalising under the EU AI Act.
  2. Then, starting on Wednesday, the UK is hosting an AI Safety Summit at “the home of computing”, Bletchley Park. And this summit is already controversial with some questioning the diversity of the attendees, including Dr Sue Black, who famously championed saving Bletchley Park from redevelopment.
  3. The same day, Microsoft’s AI Copilots will become generally available to Enterprise users, and there’s a huge buzz around how the $30/user/month Copilot plays against other offers like Bing Chat Enterprise ($5/user/month), or even using public AI models.

All just another week in AI news. Or not, depending on how you view these things!

Is AI the big deal that it seems to be?

It’s only natural to ask questions about the potential that AI offers (specifically generative AI – gAI). It’s a topic that I covered in a recent technology advice note that I wrote.

In summary, I said that:

“gAI tools should be considered as assistive technologies that can help with researching, summarising and basic drafting but they are not a replacement for human expertise.

We need to train people on the limitations of gAI. We should learn lessons from social media, where nuanced narratives get reduced to polarised soundbites. Newspaper headlines do the same, but social media industrialised things. AI has the potential to be transformative. But we need to make sure that’s done in the right way.

Getting good results out of LLMs will be a skill – a new area of subject matter expertise (known as “prompt engineering”). Similarly, questioning the outputs of GANs to recognise fake imagery will require new awareness and critical thinking.”

Node 4 Technology Advice Note on Artificial Intelligence, September 2023.

Even as I’m writing this post, I can see a BBC headline that asks “Can Rishi Sunak’s big summit save us from AI nightmare?”. My response? Betteridge’s law probably applies here.

Could AI have saved a failed business?

Last weekend, The Sunday Times ran an article about the failed Babylon Healthcare organisation, titled “The app that promised an NHS ‘revolution’ then went down in flames”. The article is behind a paywall, but I’ve seen some extracts.

Two things appear to have caused Babylon’s downfall (at least in part). Not only did Babylon attract young and generally healthy patients to its telehealth services, but it also offered frictionless access.

So, it caused problems for traditional service providers, leaving them with an older, more frequently ill, and therefore more expensive sector of the population. And it caused problems for itself: who would have thought that if you offer people unlimited healthcare, they will use it?!

(In some cases, creating friction in provision of a service is a deliberate policy. I’m sure this is why my local GP doesn’t allow me to book appointments online. By making me queue up in person for one of a limited number of same-day appointments, or face a lengthy wait in a telephone queue, I’m less likely to make an appointment unless I really need it.)

The article talks about the pressures on Babylon to increase its use of artificial intelligence. It also seems to come to the conclusion that, had today’s generative AI tools been around when Babylon was launched, it would have been more successful. That’s a big jump, written by a consumer journalist, who seems to be asserting that generative AI is better at predicting health outcomes than expert system decision trees.

We need to be intelligent about how we use Artificial Intelligence

Let me be clear, generative AI makes stuff up. Literally. gAIs like ChatGPT work by predicting and generating the next word based on previous words – basically, on probability. And sometimes they get it wrong.

Last week, I asked ChatGPT to summarise some meeting notes. The summary it produced included a typo – a made-up word:

“A meeting took tanke place between Node4 & the Infrastructure team at <client name redacted> to discuss future technology integration, project workloads, cost control measures, and hybrid cloud strategy.”

Or, as one of my friends found when he asked ChatGPT to confirm a simple percentage calculation, it initially said one thing and then “changed its mind”!

Don’t get me wrong – these tools can be fantastic for creating drafts, but they do need to be checked. Many people seem to think that an AI generates a response from a database of facts and therefore must be correct.

In conclusion

As we traverse the future landscape painted by artificial intelligence, it’s vital that we arm ourselves with a sound understanding of its potential and limitations. AI has often been regarded as a silver bullet for many of our modern challenges, a shortcut to progress and optimised efficiency. But as we’ve explored in this blog post – whether it’s the G7 nations’ principles, Microsoft’s AI Copilot, or a fallen Babylon Healthcare – AI is not a one-size-fits-all solution. It’s a tool, often brilliant but fallible, offering us both unprecedented opportunities and new forms of challenges.

The promises brought by AI are enormous. This week’s events underscore the urgency to familiarise ourselves with AI, acknowledge its potential, and intelligently navigate its limitations. From a set of AI guiding principles on a global scale, to raising awareness on gAI, and analysing the role of AI in business successes and failures – it’s clear that being informed about AI is no longer an option but a necessity.

gAI tools, while they are transformative, need to be used as assistive technologies and not as replacements for human intellect and expertise. Embracing AI should not mean renouncing critical thinking and caution. So, as we interact with AI, let’s do it intelligently, asking the right questions and understanding its strengths and limitations. We need to be smart about using AI, recognizing both its potential and its constraints. This will enable us to harness its power effectively, while avoiding over-reliance or the creation of new, unforeseen problems.

It’s time we stop viewing AI through a lens of absolute salvation or doom, and start understanding it as a dynamic field that requires thoughtful and knowledgeable engagement. Evolution in human tech culture will not be judged by the power of our tools, but by our ability to skillfully and ethically wield them. So, let’s learn to be intelligent about how we use artificial intelligence.


That conclusion was written by an AI, and edited by a human.

Featured image: screenshot from the BBC website, under fair use for copyright purposes.

Weeknote 13: Change control (Week 10, 2018)

This content is 6 years old. I don't routinely update old blog posts as they are only intended to represent a view at a particular point in time. Please be warned that the information here may be out of date.

This week has been dominated by two things:

  1. Windows 10 device builds. Lots of them.Several piles of Microsoft SurfaceBooks
  2. Change Control.

The first part is the easy bit. I have an eager team of build engineers, led by a committed and diligent Consultant to help with that. The second part has resulted in more than its fair share of pain.

As the client-side Programme Manager remarked to me, there are two types of change to manage: change that needs budget and resources and agreement; and “things we need to tell you about”.

The changes I’ve been fighting with are certainly in the “things we need to tell you about” category: minor edits to user account information in Active Directory made on an individual user (or small group of users) basis. Such changes are easily reversed but need to be communicated (to users, and to those who support them – so they are ready for any consequences).

Unfortunately, in order to make this minor change (admittedly a few thousand times), I have to complete a form that’s really designed for much heavier changes, submit it at least a week ahead of when I want to make the change (which is not very agile), attend various meetings to provide information, have multiple conversations outside the process to smooth the path of the change, stand on one leg, do a little dance and make incantations (OK, I made the last part up).

And, as one former customer replied:

Change control has its place but sometimes it feels like a lightweight process should be there for the “things we need to tell you about”-type changes. When I completed my ITIL® Foundation training, people said “you’ll breeze it Mark, it’s just common sense” – and it is. Unfortunately, it seems to me that many people use ITIL as a reason to wrap themselves in unnecessary layers of bureaucracy. There’s also a natural tension between those who are tasked with designing new and improved services and those who need to operate services. One wants change. One wants to avoid change. And, where outsourced services are in place, there are commercial reasons not to make any changes too.

Next week, I’ll find out how successful I’ve been. If I’m lucky, we’ll get approval two days after we need it. I’m not adding to my pain by making an urgent or emergency change (I’m not a masochist) but I have recorded an issue in the PM’s RAID log…


Other encounters this week have included:

  • Night-time mountain-biking in the woods (helping out with my eldest son’s cycling club) – that was fun!
  • FUD from my younger son’s school around GDPR.

Needless to say, I’ll be ignoring the (poorly-written) communication from the school. Why expect me (as the user of the service) to take action to help the organisation tidy up their data when they have clearly misunderstood their obligations?

Now, it’s the weekend. It’s been another very long week. My train is nearly at Northampton and I feel the need to collapse on the sofa before I fall asleep. The weekend will be a mixture of “Dad’s taxi” and Mothering Sunday (helping my boys be nice to their Mum, and hosting my Mum and my Mother-in-law for lunch). Then back to work for round 2 of “change control”.

A “Snooper’s Charter” for the postal system?

This content is 8 years old. I don't routinely update old blog posts as they are only intended to represent a view at a particular point in time. Please be warned that the information here may be out of date.

I spotted this on my Facebook feed today, from an old University friend, who now works as a Senior Cyber Security Consultant:

“I will shortly be writing to my MP urging him to push the Cabinet to extend it’s Investigatory Powers Bill to mandate that all mail carriers must open all letters they collect, scan their contents, and store those images in an archive for a given period in case law enforcement agencies needed to review their contents. Furthermore, I think it would be reasonable outlaw glue on envelopes altogether…with a recommendation to allow postcards only.

I urge the rest of the UK to do the same as a matter of priority due to concerns around National Security.”

He always had a wicked sense of humour but for those who think this is just banter, it really is the postal mail equivalent of what the UK Government is proposing for email in the Investigatory Powers Bill (nicknamed “The Snooper’s Charter”). The staggering thing is that the UK public is largely unaware – generally engagement with politics here is low and I’d wager that the combination of politics and technology has a particularly high “snooze factor”.

[Perhaps Parliament needs to be transformed to involve some kind of “bake-off” type element with MPs getting voted out each week based on their performance. The Westminster Factor. Britain’s Got Legal Talent. Would that get the public involved?]

Putting aside low social engagement in politics (or anything that’s not a big competition on TV) this quote highlights how out of touch our legislators are with the realities of digital life – and how ridiculous the new law would be if applied to analogue communications…

Why Microsoft customers don’t need to worry about EU-US Safe Harbour/Harbor

This content is 8 years old. I don't routinely update old blog posts as they are only intended to represent a view at a particular point in time. Please be warned that the information here may be out of date.

When European Courts judged the 15-year-old EU-US Safe Harbour/Harbor treaty to be invalid last October, Internet news sites started to report how terrible this was for EU companies placing data into cloud services offered (mostly) by American companies. For some, that may be true, but that assumes Safe Harbour is the only protection in place.

This week, IT news sites are at it again. The Register (the tabloid newspaper of IT news sites) has an article titled Safe Harbor 2.0: US-Europe talks on privacy go down to the wire but the actual URI belies a much more dramatic title of “Safe Harbor countdown to Armageddon”. Sensationalist at best, some might even say irresponsible.

I’m no lawyer but, for my customers, who are implementing Microsoft cloud services, there seems to be nothing to worry about and I’ll explain why in this blog post. Of course, Microsoft is just one of many cloud services providers – and for others there may be valid concerns.

The United States Export.Gov website currently displays the following text regarding Safe Harbor:

“On October 6, 2015, the European Court of Justice issued a judgment declaring as ‘invalid’ the European Commission’s Decision 2000/520/EC of 26 July 2000 ‘on the adequacy of the protection provided by the safe harbour privacy principles and related frequently asked questions issued by the US Department of Commerce.’

In the current rapidly changing environment, the Department of Commerce will continue to administer the Safe Harbor program, including processing submissions for self-certification to the Safe Harbor Framework. If you have questions, please contact the European Commission, the appropriate European national data protection authority, or legal counsel.”

EU Model Clauses trump Safe Harbour

Microsoft President and Chief Legal Officer, Brad Smith, issued a statement on 6 October 2015. Quoting from that article:

“For Microsoft’s enterprise cloud customers, we believe the clear answer is that yes they can continue to transfer data by relying on additional steps and legal safeguards we have put in place. This includes additional and stringent privacy protections and Microsoft’s compliance with the EU Model Clauses, which enable customers to move data between the EU and other places – including the United States – even in the absence of the Safe Harbor. Both the ruling and comments by the European Commission recognized these types of steps earlier today.

Microsoft’s cloud services including Azure Core Services, Office 365, Dynamics CRM Online and Microsoft Intune all comply with the EU Model Clauses and hence are covered in this way.”

There’s also a follow-on post which talks in general terms about the wider issues and privacy beliefs but the key point is that Microsoft offers EU Model Clauses within its contracts, which go beyond Safe Harbour. Microsoft also has an FAQ on the EU Model Clauses that is worth a read.

Quoting again from the 6 October 2015 statement:

“We wanted to make sure all of our enterprise cloud customers receive this benefit so, beginning last year, we included compliance with the EU Model Clauses as a standard part of the contracts for our major enterprise cloud services with every customer. Microsoft cloud customers don’t need to do anything else to be covered in this way.”

That suggests to me that customers who have signed up to Azure Core Services, Office 365, Dynamics CRM Online or Intune since early 2014 already have greater privacy protection than was afforded by Safe Harbour – and that protection meets the EU’s current requirements. In short, Microsoft customers don’t need to worry about Safe Harbor (sic).

Social media and the law (#socmedlaw)

This content is 11 years old. I don't routinely update old blog posts as they are only intended to represent a view at a particular point in time. Please be warned that the information here may be out of date.

Courtroom One GavelA couple of weeks ago, I received an invitation to a lunchtime round-table event, to chat about social media and the law. “What’s not to like?”, I thought, and a few days later I was enjoying the delights of good company in an Italian restaurant in London’s Covent Garden (and wishing I hadn’t driven to the station that morning – more vino please!). Well, what’s not to like indeed – a couple of hours flew by and I could quite happy have whiled away another couple, had I not needed to get back to the office…

So, social media and the law. Really? Is that such a big deal?

In a word, yes!

You see, whilst we’re all enthusing about sharing our lives online and building digital relationships, there are some for whom that’s a little too risky.  I’m not talking about over-sharing personal details here – exposing oneself to undesirable physical world impacts from digital world slip-ups – but about negatively impacting one’s employment as companies struggle to get their heads around a world where relationships are formed online as well as in the traditional methods. Indeed, even the round-table where we were discussing these issues was run under the “Chatham House rule” – precisely so that participants could speak openly and freely, without fear of the consequences of reporting what they said (reporting is fine, attribution is strictly off limits).

Starting the conversation with concerns about employees tweeting, there are a whole load of considerations, from issues of authenticity to accidentally committing an organisation to a contract. Some organisations maintain lists of approved social media users but what happens when an over-enthusiastic employee defends your brand using their personal account and crosses a line?

Ultimately, companies are trying to protect their reputation online and limit their liability in the digital space, just as they do in the physical world. But there’s no “one size fits all” solution: some brands may be “free and open”, others more “locked down” and it’s increasingly important to create policies for acceptable use of social media. The issue is that these policies need to be kept up to date, and need to reflect the real world. For example, an organisation might forbid its employees to affiliate themselves with a brand online. That’s OK on Twitter, Facebook, etc. but what about their online CV on LinkedIn? For all of my disclaimers absolving my employer of any views and opinions I express online (disclaimers that were, incidentally, triggered by an unclear social media policy), it’s still pretty easy to find who pays my salary and to establish a link between my personal views and a brand. Thankfully, I’m told, there is a legal distinction between a social media account used for work purposes and affiliation of a personal account to a company or brand.

Unfortunately, until “social” is embedded in our organisational DNA, there will be issues – and the legal minefield around developments in the way we use technology is not exclusively limited to social media.  Take recent legislation on the use of “cookies” for example, described at the event as “stupid laws by stupid people, made for the wrong generation”.

It’s important to recognise that much of the movement into social seen by companies today is out of compulsion rather than quantified need – organisations need to consider what’s right for their brand. And what if social media isn’t purely a marketing tool, but about relationships? Enlightened companies are accepting that employees are increasingly linked online but it’s still important to “think and use your brain”. Microsoft’s blogging policy is often quoted as “blog smart” – it’s actually two pages that boil down to “don’t be stupid”. The important element is being careful not to make forward facing statements on behalf of the company and monitoring takes place to control any breaches (inadvertent or otherwise).

Ultimately, employee behaviour is hard to control. Generally, there is no malicious intent. As employers we need to explain the consequences of actions but educating people is difficult.

Then there’s the issue of what happens when an employee leaves a company. There are high-profile cases of influential tweeters taking their followers to a new organisation, or of companies claiming that a LinkedIn profile belongs to them.  Many companies are only to happy to benefit from relationships (and skills) when staff are recruited but try to protect these assets when they move on – maybe a future legal case will clarify the situation, with a sensible judge telling companies that they can’t “have their cake and eat it” (one can hope).

Even in the most sales-focused organisations, handing over an address book is one thing but relationships are individual (people transact with people)… perhaps it’s the relatively new nature of social platforms that means the rules of engagement are still settling down?

There’s an argument that assets gained on company time belong to the company, but what exactly is company time? In our increasingly connected society, there’s a fine balance between an employment contract, bringing chores/devices to work and working extended hours outside the office. When do we stop being employees and start being individuals again? For many of us, there is no more 9 to 5!

A couple more points that I liked were: that corporate use of social media is not really about openness but about translucency; and that we have years of history with employees talking to customers – in shops! The difference now is the online evidence trail.

Some consider that the damage any one individual can cause online is limited anyway, that the Internet is “filling up”, with user-generated content increasingly buried in search results by bland, corporate results (which may be authoritative but make it hard to find any real information on making things work). On the other hand, if patent trolling is a valid business model (which it appears to be), what about copyright trolls, or social media offence trolls?

That brought us nicely onto copyright, which evolved because society saw creative endeavours that needed to be protected. But the nature and scope of copyright is that it can only exist where society respects and enforces the rules. That means that copyright does need to evolve, especially here in the UK, where there is no concept of “fair use”.

In summary, there are a lot of worries about social media and the law but nobody is really over concerned – we know that laws will change (eventually) – but there will be intervening years where the implications exercise the minds of everyone from board members downwards and only common sense can drive us through. That means that monitoring is required: companies can’t engage in social media unless they’re prepared to monitor and to be intelligent about what they find.

Highlight of #SocMedLaw - "stupid laws for stupid things, made by the wrong generation" eg: Cookie Law. Who agrees?... 100%
Abigail Harrison


So, what was the biggest lesson for me? Actually, it was nothing to do with the law. I found that taking comprehensive notes whilst tweeting and eating lunch is difficult!

Thanks to Social Safe for sponsoring the event and to Abigail Harrison (@AbigailH) for making it happen.

Photo Credit: Joe Gratz via Compfight (licensed under Creative Commons)

Consumerisation think tank panel at Dell Technology Camp 2012 (#DellTechCamp)

This content is 12 years old. I don't routinely update old blog posts as they are only intended to represent a view at a particular point in time. Please be warned that the information here may be out of date.

Yesterday afternoon, I took part in a panel discussion on the evolution of consumerisation as part of a Dell Technology Camp and in advance of the publication of the third part of Dell/TNS Global’s Evolving Workforce research.  It was the first time I’ve taken part in an event like this and I have to admit I was pretty nervous but it was also an enjoyable experience – particularly given the wonderful surroundings of the Saatchi Gallery in south-west London.  I only wish I’d been able to tweet during the event (I did scribble some notes but was focusing so much on the conversation that tweeting would have been a step to far for this Gen-Xer who isn’t so great at “partial attention”!)

Evolving Workforce Think Tank @ #DellTechCampChaired by Stephen O’Donnell (@stephenodonnell), the discussion examined a number of topics related to consumerisation, including: the generational divide myth; recruiting and retaining talent; new working practices; technology choices; security;controlling costs and driving profit; and the impacts of geography and market sector on progress.

Dell have produced a Storify story about the whole day (not just the panel discussion) – and you can catch the recording of the live stream – but, for those who don’t have a couple of hours to spare, I thought I’d blog the highlights… I guess you could think of them as the tweets that never were:

  • Stephen Yap, TNS UK: It’s a myth that only generation Y gets “social” and consumerisation; TNS’ research finds that older generations are more accepting of IT as a transformation agent (and younger people are more sceptical).  [Something that one of my Baby Boomer colleagues, Vin Hughes, suggested over a year ago in a blog post about the digital world and generational labels.]
  • Alexis Lane, The Head Partnership: Organisations need a element of control to stay within the law, including open communication of policies.
  • Stephen Yap: IT is not just a utility – get it right and it can be a motivator for employees.
  • Mark Wilson (@MarkWilsonIT): The IT department is just a provider of “stuff” in our personal clouds – just like our bank, supermarket, email provider, etc. [Credit is due to Joe Baguley (@JoeBaguley) for that one… also see my post on the rise of the personal cloud, inspired by David Gentle (@DaveGentle).]
  • Helen Calthrop-Owen, Axicom: Consumerisation is part of a bigger change regarding how people work together.
  • Tim Weber (@Tim_Weber), BBC: Policies alone are not enough – citing Joshua Klein (@JoshuaKlein) he says that we need to “hack our work“, noting that it could get you fired, or you could be a big winner.
  • Bryan Jones (@BryanAtDell), Dell: It’s not “lazy IT” that holds us back so much as cultural challenges – the key is to create “competitive differentiation”.
  • Mathias Knöfel (@MathiasContext): Consider the cost factors and end user benefit – given a choice users will pay for flexibility.
  • Mark Wilson: Get under the surface of BYO and you’ll find it’s more about choice – giving users the ability to trade up to a “sexier” device [credit due to Garry Martin (@GarryMartin).]
  • Stephen Yap: Emerging markets see employer-provided devices as attractive (they tend not to have PCs at home); meanwhile in the US/Canada it’s about Bring Your Own Cloud [what I called the personal cloud] – questioning the need for corporate IT. Not so much about the choice of device but working in the way in which we have become accustomed to.
  • Alexis Lane: Increasingly difficult to draw lines of ownership (intellectual property and corporate data vs. life) – often old questions arise in a new context (e.g. the ownership of a contact database cf. LinkedIn profile).
  • Stuart Collingwood, Nivio: Enterprise-grade social media does exist; devices are more emotional and entitlement can create friction (i.e. who is entitled to what); light touch integration is required for end users to access corporate IT.
  • Bryan Jones: There is no silver bullet (in terms of technology); what’s required is a “portfolio discussion” about on premise IT; extrenal service provision (e.g. cloud) and how to bridge the gap.
  • Stuart Collingwood: Employee expectations for IT performance are “brutal”; tolerance of “corporate lethargy” and inflexible applications has dropped.
  • Tim Weber: Users tend to blame devices or applications but may be other issues; legacy holds us back (e.g. network performance).
  • Mark Wilson: Returning to issues of cost – tax implications with benefits in kind – need clearer advice from government.
  • Bryan Jones: The consumer knows what is possible – consumerisation is not solely an IT issue but raises business functional questions. The trick is to simplify IT, to become more responsive – and innovation is occurring whether we like it or not – there’s an opportunity to embrace it and to listen across the organisation, not just to IT.
  • Stephen Yap: There’s a shift towards outcome-based working with an unspoken contract between freedom and blurred boundaries [i.e. no more 9-5] and digital natives find this easier to understand.
  • PJ Dwyer, Dell: Flexible working is popular, but some employees dislike the remoteness/don’t feel part of the team.
  • Tim Weber: In addition to recognition issues, some roles require collaborative working and presence; interesting to see that Twitter (distributed by nature) has triggered Tweet-Ups – the Human Being is a social animal and companies are social organisations; consider team dynamics (e.g. in a large team, others suspicious that they are carrying the load) – management becomes a task of ensuring everyone knows what their colleagues are doing.
  • Marie-Christine Pygott, Context: Communications occur in many ways – if employees are not present, they are not on the mind of others (you can’t walk over to their desk for a chat).
Evolving #Workforce: Does a flexible working policy turn you into a flexible but virtual.. hermit?
  • Stephen O’Donnell: We need a virtual watercooler, do we need to use social media to highlight work milestones [or even, “I’m taking the kids to school, I’ll be back in 20 mins”]?
  • Stuart Collingwood: Expect to see that scenario become more common as future generations enter the workplace (and we’re already seeing changing literacy styles, such as use of “text speak” in written English).
  • Carly Tatum, Dell: Communications work in different ways; bringing people into a group situation from social media context can induce a different dynamic [one that doesn’t always work].
  • Mathias Knöfel: Often, meeting people face to face changes the relationship from that point onwards.
  • PJ Dwyer: Emerging markets have different perspectives, due to different stages of development.
Emerging countries leapfrogging with tech as no legacy technology. Getting best tech, big incentive #DellTechCamp
Margo Smale
  • Stephen Yap: In BRIC, for example, skipping PCs and moving straight to smartphones; also leapfrogging legacy in the workplace – not as encumbered.  It will be interesting to see the change as security, etc. become bigger issues in developing nations. Also cultural differences as in some geographies work and technology may act as motivators.
  • Alexis Lane: When talking about the security of information, we need to understand what it is we are protecting. It’s not realistic to say “everything” – what can we be more relaxed about?
  • Tim Weber: The “castle/moat model” makes less sense as we become more mobile and blast more holes in the walls – need to look at data level and see what can be done to protect it; requires clever thinking, supported by technology, to understand how to protect the things that are critical to your company.
  • Stuart Collingwood: We have to think differently about how we build systems – it’s hard (and expensive) to retrofit so we need to re-architect from the ground up.

Graphic Recording from Evolving Workforce Think Tank at #DellTechCamp

Key takeaways

For those who find even that list too much to work through – here are the key takeaways from around the table:

  • Stephen O’Donnell: Consumerisation is happening, it won’t stop – indeed it will accelerate; employees like it, it frees them up from coming to the office as well as from Victorian-style employment contracts; work is becoming more outcome-based; difficult to draw line between work and home; requires serious management – need to think, plan and come up with new ways of thinking.
  • Tim Weber: There is no single solution; every company needs to look at legacy – not just productivity and happy employees but the underlying stategic business model – suss that out and have clarity of thinking to drive company forward; remain flexible as things will constantly change on the roadmap.
  • Mathias Knöfel: BYOD gives opportunities for flexibiity with the right incentives but also risks that need to be thought through more carefully (e.g. legal/risk).
  • Mark Wilson: From an end-user perspective, don’t just think about the “Digital Natives”, also consider “Digital Pioneers” who have seen previous waves of IT transformation and those with no time/inclination too (Digital Luddites); from a management standpoint we need to develop new attitudes to work – become more trusting and results oriented; and the IT department needs to address issues around legacy, removing barriers through innovation and avoiding stagnation; finally, we can’t close lid on this box!
  • PJ Dwyer: It’s happening now; organisations need to be proactive and it affects not just IT but also HR, legal – indeed the whole business. Flexibility and choice are key to success and aspirations vary by market and geography.
  • Marie-Christine Pygott: There are pros and cons to consumerisation – it changes the dynamic of an organisation – the way people work, their flexibility, work/life balance but also who teaches whom – employees suggest more about the technology used; there is no single solution and we need need integrated strategies; communication is vital; also differentiation in different parts of the world.
  • Stuart Collingwood: Consider company culture – not just policy and structural issues – need to instil communications protocols, sensitivities and context within company culture – requires a top down approach.  Culture is safety net and policy handbooks are not enough. People will use technology more responsibly than you might give them credit for.
  • Alexis Lane: Embedding culture of the organisation and taking a decision as to what the company needs to be is important. It’s exciting to consider technology as a motivation – and from a legal perspective we need to get to heart of data issues.
  • Bryan Jones: Not just a technology discussion – people and process too; competitive advantage downstream is enormous; culture is critical to changing the dynamic in a company; it permeates, into how we communicate internally and how we interact with customers.
  • Stephen Yap: Enterprise IT has ever been more exciting than now; we’re at a tipping point, elevating the significance of IT within the organisation and to our lives; not just about IT professionals but it makes a difference to all – in how we work and how we live; not just happy and motivated workers but new business models, new ways of doing things. And the conversations that we’re having are more strategic than 10 years ago; IT is making a bigger difference than ever before.

tl;dr view

Stephen O’Donnell’s summary: there is an enormous opportunity for businesses to adopt and drive the socialisation and consumerisation of IT; to really make a difference in driving down costs, improving agility and improving employee/customer communication. On the other side, there is a risk that we “throw the baby out with the bathwater”, that we don’t follow the processes because it’s all new, that we under manage employees, don’t deal with security appropriately, don’t invest in the underlying infrastructure and so don’t achieve the benefits.

Image credits – Dell’s Official Flickr Page, licensed under Creative Commons Attribution 2.0 Generic (CC BY 2.0). Visual communication/storytelling by Creative Connection.

Half-baked cookies…

This content is 12 years old. I don't routinely update old blog posts as they are only intended to represent a view at a particular point in time. Please be warned that the information here may be out of date.

I don’t know if this website uses cookies. I think it probably does beacuse I have Google Adsense code and Google Analytics code in place. It wouldn’t surprise me if WordPress uses some cookies too but, like many bloggers, I use off-the-shelf software and, as long as it works, I don’t worry too much about how things happen.

Unfortunately, some half-baked EU directive about privacy and cookies (half-baked – get it…) takes effect this month after even the UK government needed a year to get its act together (the Information Comissionners Office, which is responsible for enforcing the associated UK legislation, only removed its last cookie in March).

What’s worse is that the ICO’s guidance for website owners is really difficult to follow. Peter Bryant (@PJBryant) pointed me at an article in PC Pro magazine that suggests I should be OK without doing anything, meanwhile Kuan Hon (@Kuan0) from the Cloud Legal Project at Queen Mary University suggested a few weeks ago that we all need to be looking carefully at our sites if we want to avoid a fine…

I’m no lawyer and I can’t afford to be paying fines so I checked out some WordPress plugins that might help me. Some were linked to websites that should check my site for cookies… except they didn’t seem to work – and, anyway, I don’t really want to be making a big deal about cookies (they are, mostly, harmless).

I selected a very simple plug-in called Cookie Warning that presents a message (importantly, not a pop-up) to first time site visitors. The message is customisable (although changing the size of the text on the buttons will involve me editing the plugin) and it seems to be enough for me to gain consent from users. Importantly, it doesn’t seem to impact the way in which search engines see the site.

Only time will tell if this change negatively impacts my traffic – I’d like to think that most of my visitors understand enough about cookies to realise that this is not really such a big deal – but it will be interesting to see how this pans out over the next few months as companies big and small update their sites to comply with the legislation.

Microsoft surrenders to the bureaucrats in Brussels

This content is 15 years old. I don't routinely update old blog posts as they are only intended to represent a view at a particular point in time. Please be warned that the information here may be out of date.

A few days back I commented about the madness that is going on in Europe with the European Commission taking up the case of a minority web browser company and making life difficult for Microsoft in the courts.

Let’s get this straight: Opera may be a fine browser but, as far as I can tell, almost no-one uses it on the desktop. Part of the reason for this is that, long after most other browsers became free, Opera were still charging users so they failed to capitalise when Firefox grew its market share at the expense of Internet Explorer. Basically, Opera’s business strategy failed… so they went to court and other minority browser vendors piled in (e.g. Google).

As a result of componentisation of Windows, Microsoft gave us the ability to uninstall Internet Explorer from Windows 7 but that wasn’t enough for the bureaucrats in Brussels so now, in order to avoid costly delays in shipping Windows 7 as a result of legal action, Microsoft has decided to offer an E edition of Windows 7 in Europe, without Internet Explorer.

As I wrote last week:

“Personally, I would like to install Windows quickly with the least possible user interaction. Then, once the base operating system is installed, I’d like to select roles/features (as I do for Windows Server 2008) and install any third party software that I choose – independently of the Windows setup routine. If we have to have something to please the minority browsers (Opera, Chrome, Safari, etc.) then Windows already lets me choose search providers, media players, mail clients, etc. – why not use the same mechanism for browsers?”

Instead, I have multiple Windows versions for multiple markets. Thanks to the EU I have one version of Windows 7 in Europe and another for the rest of the world (what’s not clear is whether I can still buy the normal version in Europe, should I choose to do so). Gee, thanks. I’m glad to see my taxes are being used to tackle the real issues of the day… like financial meltdown, rising unemployment, global warming, world poverty…

It seems that, if I have a company with a product that no-one wants, I can go to the European Commission and have them stop the large, successful, companies from competing with me. Presumably Apple will stop shipping Safari with OS X and Linux distros in Europe will come without Firefox, etc.? No. I thought not.

The Pirate Party takes 7% of the vote in Sweden… meanwhile the European Commission wants Windows users to vote for their browser!

This content is 15 years old. I don't routinely update old blog posts as they are only intended to represent a view at a particular point in time. Please be warned that the information here may be out of date.

Last Friday saw the election of representatives to the European Parliament (MEPs) and the results were out today. Whilst this might not have the global impact of President Obama’s election in the United States, for the 375 million of us that live in the 27 EU member states (sorry, sovereign nations), it is pretty significant because, according to the eurosceptics, 75% of our national laws are passed down from Europe.

Here in the UK, minority parties faired well – partly as a protest against our own incumbent (or should that be incompetent?) Government and partly as a result of the proportional representation system that is used for the European elections. Whilst the UK Green party narrowly missed out on a third seat in South East England (but the far right British National Party gained significant support in the North of England…), it’s the result in Sweden that has perplexed me the most – 7.1% of Swedish voters said “yes” to the Pirate Party – formed in response to copyright laws and the impact of the Pirate Bay filesharing network!

Now, I’ve been very careful not to express any political views in this post but, with a new Parliament in place, it seems to me that now is the time to sort out the idiots in Europe who are pushing ahead with yet more action against Microsoft for bundling Internet Explorer in Windows (hey guys – you’re too late – the damage was done 10 years ago, the American Courts did very little about it, and Internet Explorer has credible competition in the shape of Firefox today). It seems that Microsoft’s componentisation of Windows and provision for the removal of Internet Explorer 8 is not enough for the European Commission – they want users to vote for their browser of choice when installing Windows!

Personally, I would like to install Windows quickly with the least possible user interaction. Then, once the base operating system is installed, I’d like to select roles/features (as I do for Windows Server 2008) and install any third party software that I choose – independently of the Windows setup routine. If we have to have something to please the minority browsers (Opera, Chrome, Safari, etc.) then Windows already lets me choose search providers, media players, mail clients, etc. – why not use the same mechanism for browsers? There’s more about this madness over on Mary Jo Foley’s All About Microsoft blog but I really do wish that my taxes (which pay for Neelie Kroes and her organisation to bring about action like this) were being used more effectively…

Accessing unsecured Wi-Fi – is it a crime?

This content is 16 years old. I don't routinely update old blog posts as they are only intended to represent a view at a particular point in time. Please be warned that the information here may be out of date.

Whilst I was researching my earlier post about WiMax in Milton Keynes, I came across an article on The Register about a couple of guys who got themselves arrested for accessing someone’s open Wi-Fi connection.

The comments make interesting reading – I recommend a read but will warn you that there are 111 of them, so you’d better be good at skim reading!

There are lots of useful analogies there (and the general consensus seems to be that, if a Wi-Fi access point is open, then you are inviting people to come in – especially with most wireless cards configured to connect to the strongest available signal – and that, if it’s secured, then it is clearly a private computer system) but I found a few of them particularly interesting after reading Section 1 of the Computer Misuse Act, 1990 (I’m sure other laws can equally be applied):

Unauthorised access to computer material
(1) A person is guilty of an offence if—
(a) he causes a computer to perform any function with intent to secure access to any program or data held in any computer;
(b) the access he intends to secure is unauthorised; and
(c) he knows at the time when he causes the computer to perform the function that that is the case.
(2) The intent a person has to have to commit an offence under this section need not be directed at—
(a) any particular program or data;
(b) a program or data of any particular kind; or
(c) a program or data held in any particular computer.
(3) A person guilty of an offence under this section shall be liable on summary conviction to imprisonment for a term not exceeding six months or to a fine not exceeding level 5 on the standard scale or to both.

[Computer Misuse Act, 1990]

Based on this it could be argued that, if anaccess point is broadcasting SSIDs and is unencrypted, then a person cannot know that the access that they intend to secure is unauthorised. It could also be argued that, by broadcasting its presence, the access point accessed any computers with wireless cards in the area without their respective owners’ permissions. Or consider, as another commenter highlighted, what happens when pinging a computer’s IP address – is that not requiring the other computer to perform an action (even if that action is to reject ping responses, it still has to read the packet)? What about accessing a web server – did I explicitly give you permission to come here and read this article? No, but by publishing this website, I gave implicit permission, which is expanded further in my legal notice. Ergo, by leaving wireless access point open and broadcasting it’s SSID, I would be giving implicit permission to access it.

I know there’s at least one Copper who reads this blog and I’m sure he has an opinion. As of course, do I. And that’s why I locked down my Wi-Fi.

Usual caveats apply: I am not a lawyer; don’t interpret anything you read here to be legal advice; etc., etc..