Data Governance Should be a Republic – Not a Democracy
A true ‘data democracy’ would be a disaster. As Marr, says, “Data democratization means that everybody has access to data and there are no gatekeepers…” That sort of transparency would mean no information would be withheld from anyone in an organization – including sales, salaries, personnel performance, health records, and PII.
If the thought of everyone having access to everything anyone in your company knows (including HR, finance, and the C-Suite) isn’t concerning enough, consider that once allowed to proliferate throughout an organization, democratized data would inevitably leak into the wild.
The current trend, with good reason, is toward greater restrictions on data distribution – not less. HIPPA, GDPR, California’s privacy laws, and PII protection have become the most important data-related issues of our time.
Before buying into a clever alliteration (data democratization; clean coal; greed is good), you have to ask concern yourself with substance. Are you really ready for everything you know about your colleagues, customers, and consumers to be freely shared? Isn’t that tantamount to what we now call a data breach?
Consider also that data has value; ascribable monetary worth. As such, as anyone who has ever held the Big Chair in a data-related function (CIO, CTO, CDO, CDS) can tell you, data governance includes a fiduciary responsibility. The keeper of the data is the protector of assets.
Likewise, the accumulation, aggregation, and utilization of data incur costs. Who is to bear those burdens, and externalities, in a data socialism/anarchy? The notion that ‘information wants to be free’ is akin to the childish contention that candy wants to be eaten (and it’s not what Woz actually said, or meant).
The most effective form of government – and governance – is not a democracy, but rather a republic. The ideal of a Republic (as first espoused by Plato) is that those with requisite expertise should represent the best interests of the citizenry. Likewise, we should be looking to construct a data republic that allows for the federation and utilization of data – but simultaneously ensures its protection.
By: JT Kostman, PhD