Introducing The Flow Report
Introduction from Don D’Amico, Glacier’s Founder & CEO
Welcome to the very first Flow Report, Glacier’s monthly report on timely and thematic issues facing organizations that use external data in their operations. Each month, we will cover a data risk topic that is relevant for executives, data teams, legal and compliance staff, and other risk professionals. In the inaugural Flow Report, we lay the foundation for understanding the current state of data risk.
Before launching Glacier, I managed the US office of a data sourcing company and created a compliance diligence tool that is used by many firms on Wall Street and beyond. I started Glacier because I saw that the data risks faced by financial services firms are growing and not limited to finance – emerging technologies are driving data collection and risk across the private and public sectors.
Thank you for your support.
Sincerely,
Don D’Amico, Founder & CEO
Interview - The State of Data Risk in 2024
Q: What do you mean by “data risk”?
Don: Data risk is a more expansive concept than compliance. Data risk includes conventional legal risks in data (e.g., licensing, copyright, cybersecurity, etc.) but also refers to business risks such as continuity, quality, reputation, and more. Organizations today need to manage data risk, not just compliance in a narrow sense.
Q: Is it possible to give an overview of the data risk landscape today?
A: Yes. Of course, the risks shift each year with changes in technology, law, and even geopolitics. In 2024, we have seen some lessening in certain risks related to web scraping, with several court wins notched by Bright Data, for example. But there have also been upticks in risk related to geolocation data in the United States, with the Federal Trade Commission and multiple states pursuing restrictions prohibiting data collection with a greater degree of accuracy than 1,850 ft – which is a tough standard to meet. Data has become a flashpoint in trade and politics between the United States and China, with inconsistent results – consider the recent lessening of security controls, even as China has investigated local offices of US firms such as Capvision, Bain, and Mintz Group in 2023. And of course, generative AI presents its own risks.
Q: What data risks are top of mind in the second quarter of 2024?
A: In short, AI and China. Interestingly, those two issues merge as US lawmakers are looking at using existing export controls to regulate LLMs and data flows to China. US-based firms remain highly interested in collecting data from China (and APAC) but are now contending with potential risks such as espionage charges. With respect to AI, many companies have transitioned to slightly more permissive policies permitting use of tools such as ChatGPT provided that company (trade secret) data is not used to train external models. Financial services firms also had to incorporate some additional diligence work around these tools.
Finally, February saw the rare Wall Street Journal negative news coverage of a data provider, as Change Healthcare was the subject of a massive cyber-attack, reportedly potentially exposing the PHI and PII of a “substantial portion of people in America.” This attack is a strong reminder of the importance of requiring multi-factor authentication for access to sensitive data.
Q: How is Glacier addressing these issues?
A: We provide members with timely research to help them mitigate related risks and make more informed decisions on the business side as well.
Specifically, Glacier offers –
Threat reporting – weekly analysis of risks in the data supply chain to enable proactive risk management.
Surveillance summaries – a monthly record of substantial surveillance conducted by Glacier on your behalf.
Diligence support – highly experienced support on data and research vendor diligence.
Platform (beta) - members also have access to Glacier’s web-based platform with several other exciting features that are under development.
Glacier is building a distinct community of cross-industry professionals to promote best practices and share intelligence related to data risk.
Q: That seems like a lot to cover.
A: It is. The range and scope of data risk issues present an enormous challenge for the data market. For that reason, Glacier is building a deep bench of industry experts who will share insights in this monthly Flow Report.
See you next month.
Subscribe to get the Flow Report delivered to your inbox each month.
This post was written by Don D’Amico without the use of generative AI tools. Don is the Founder & CEO of Glacier Network, a data risk company providing services to users of external and alternative data. Visit www.glaciernetwork.co to learn more.