IT Leadership: Y2K's Long-Term Impact
Happy new year, everyone. Welcome to 2010 - a new year and a new decade.
Ten years ago we were all wondering if Y2K presaged the end of the (IT) world as we knew it--worries triggered by a few simple design decisions (and poor documentation) made decades earlier to get around technical limitations in the platforms we used way back when.
I sometimes wonder how many similar decisions have been made since then that will come back to worry or bite us in later decades. There are bound to be some--the law of unintended consequences almost guarantees it.
Of course, Y2K actually didn't cause all that much upheaval--unless you count a lot of wasted time and effort fixing things that would have worked just fine anyway, as they did in all the places where they weren't fixed--and it was a great excuse to renovate a lot of old technology and code...something we probably need to do again, but have no easy excuse for.
That, however, isn't quite what I wanted to muse on here.
Over the holidays, one of the investment newsletters I subscribe to published a relatively scary story about how easy it is to find out things about people by mining their online footprint and history. The writer asked for help in devising an easy, safe and convenient way to disappear online. He didn't also ask for it to be legal, but we'll assume that "within the law" is a requirement, too.
Now there are quite a few ways to accomplish this kind of anonymity online today, but they all involve using a third party--who could be just as much of a problem as the annoying but relatively benign data-miners, either through omission (a data breach), commission (bad guys masquerading as good guys), or both.
You also trade off quite a bit of performance--and depending on what you do online, at some point you probably skirt close to or over the edge of legality.
If all I want to do is browse around the Web and occasionally download free content, I'm probably OK, but as soon as I want to pay for something or I have to register to get something, I'm going to have a problem.
Just about every legitimate payment mechanism requires you to have a "real" identity and the fine print on just about every payment instrument issued to you requires you to attest that the information you provide is true.
Also, it's not that it's illegal to construct a synthetic identity and use it for legitimate purposes, it's just that doing so makes you look a lot like the folks who build such identities to hide their illegal intent. In the current socio-political climate, you're going to be lumped in with the bad guys whether you deserve it or not.
There's no easy answer here. We all like the convenience that online commerce, communication, etc. bring. We all have to trust a collection of third parties to make this convenience possible.
We all want it to be cheap--and data mining and profiling is a part of what pays for the technology and services that makes it cheap. It's also a part of what makes us generally safe from the bad guys (at least most of us most of the time).
I think we need to have more of an informed (and I do mean informed) debate about these issues before we get panicked into a new version of the kind of Y2K-triggering decisions that we will later regret and that will cost a lot to fix.
John Parkinson, the former CTO of TransUnion LLC, has been a technology executive and consultant for over 30 years, advising many of the world's leading companies on the issues associated with the effective use of IT. Click here to read his columns in CIO Insight's print edition.