For the past decade, chief information officers have devoted a great deal of time and attention to the technology part of IT. But as I’ve said in recent columns, the next decade will see a major shift to the information part of the equation. With the tools in place, companies are getting down to the business of mining, leveraging and making money from all that data they’ve been collecting.The technologists have had their day; now it’s the marketers’ turn. And CIOs everywhere are grappling with the question of their own role in data stewardship.Of course, before that question gets answered, a more fundamental issue must be addressed: Who actually owns all this information? SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe “Somehow, technology has led to this rogue theory that acquiring data about people gives you the right to own that data,” says Chris Hoofnagle of the Electronic Privacy Information Center (EPIC), in “Take the Pledge,” beginning on Page 56. “But there’s no theory of property that says that’s OK.” Privacy law will inevitably, if not immediately, come down on the side of individuals’ right to their own data. For now, however, CIOs are on their own when it comes to figuring out what to do.The ongoing Andersen/Enron case has brought the issue of corporate data retention and deletion to center stage. Recent revelations about the FBI’s use of e-mail monitoring to investigate Osama bin Laden’s terrorist network raise further questions. According to an internal FBI memorandum made public in late May, in addition to gathering e-mail from legitimate suspects, the system “also picked up the e-mails of noncovered” individuals. “The FBI technical person was apparently so upset [that the system picked up e-mails it wasn’t supposed to] that he destroyed all the e-mail,” including those related to the investigation. (View the memo at www.epic.org/privacy/carnivore.)Data stewardship doesn’t stop at document deletion. If a pending privacy bill (S. 2201) gets passed into law, U.S. companies will be required to give customers access to personal information they have collected. Europe already requires such access. It will certainly fall on the CIO’s shoulders to figure out how to comply with this mandate without incurring significant new costs.CIOs can’t and shouldn’t wait for the law to catch up with the state of the art. You must start the dialogue now regarding what is right, and then deploy the appropriate tools, policies and data management practices to support that stance. Related content feature Mastercard preps for the post-quantum cybersecurity threat A cryptographically relevant quantum computer will put everyday online transactions at risk. Mastercard is preparing for such an eventuality — today. By Poornima Apte Sep 22, 2023 6 mins CIO 100 CIO 100 CIO 100 feature 9 famous analytics and AI disasters Insights from data and machine learning algorithms can be invaluable, but mistakes can cost you reputation, revenue, or even lives. These high-profile analytics and AI blunders illustrate what can go wrong. By Thor Olavsrud Sep 22, 2023 13 mins Technology Industry Generative AI Machine Learning feature Top 15 data management platforms available today Data management platforms (DMPs) help organizations collect and manage data from a wide array of sources — and are becoming increasingly important for customer-centric sales and marketing campaigns. By Peter Wayner Sep 22, 2023 10 mins Marketing Software Data Management opinion Four questions for a casino InfoSec director By Beth Kormanik Sep 21, 2023 3 mins Media and Entertainment Industry Events Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe