Scott McNealy, Sun’s chairman and CEO just stood there on stage at Sun’s NC05Q1 launch and said he didn’t need to send an email to staff telling them security and privacy matter– nice pop at Microsoft, Scott.
What worries me though is that just a couple of years ago Scott stood up on another stage and said “Privacy is dead, get over it“. Now i appreciate how Scott may have gotten privacy religion – after all, California is leading the way in the US in driving privacy for consumers by fining companies that dont respect it. Some of Sun’s customers have been hit by some major fines so its an important issue. I wondered if his views were just a reaction to 9/11 but apparently he was already an exponent of the meme before then – privacy was dead in 2000.
And Scott is right to point out that Sun has made some good moves in the identity management area – through its identity management business, acquisition of Waveset. The Java Card meanwhile is another secure approach, as is the federated identity business model capability driven by the Liberty Alliance, which Sun initially led, although it has gone quiet on it since it started working with Microsoft on ID interoperability. Liberty meanwhile goes from strength to strength in thinking through data governance questions, such as those in healthcare.
Privacy isn’t dead. But it is hard.
Scott changing his mind – he is a master rhetorician after all, and often says one thing when he means another. But it would be nice to aknowledge the fact. Why does privacy matter now? Is it regulatory compliance or something else? Is Scott, often cited as a libertarian, worried about nosy big government (seems unlikely). When you start a conference on the theme of the importance of corporate culture- its worth taking a second to consider how the rest of Sun responds to mixed messages. What lead are you giving your staff about the importance of privacy. But privacy *is* a culture issue, as much as it is technical.
I dont expect anyone not to contradict themselves, but its nice if they aknowledge it at least a little bit. Or explain why things have changed. or why the world is complicated, or that different people have different but valid views on the subject.
Last year every baby was going to have a chip stuck in the back of its neck, thats the end of privacy – get over it. Today I am supposed to buy into Sun as a champion of privacy…
The thing is there are some leaders out there on issues concerning citizen and consumer privacy – namely Kim Cameron at Microsoft and Steven Adler at IBM. Lobby groups such as Privacy International play an important role here. From Sun on the other hand, i have not seen the same level of leadership recently. If taking a pop at Microsoft Trustworthy Computing is the best Scott can do, holding up MS is not a very high bar.. Was Liberty about protecting privacy or just a project to bash Microsoft. Probably a little of both.
We may have just got a partial answer – Jonathan Schwartz, Sun COO and president, following Scott, explained that CIOs number one priority is identity management because of Sarbanes Oxley concerns. indeed. So i guess someone did need to send an email to say privacy matters.
Solaris historically didnt have a completely granular AAA model, even if Scott wants us to believe it did. Solaris got really security hardened for the mass market later in its history. Unix root access is a major audit and compliance issue. Why does privacy matter to Scott now? Because his enterprise customers are worried about it, probably.
The issue is complicated – that’s my point. its not binary. i would just like to see Scott talk to the issues, cultural and technical, not just use privacy as a ticklist item for enterprise sales, or an excuse to attack a “partner”. The issue is too important to treat as black and white. Folks like Eric Norlin explain how hard it is.
At a time when governments are over reaching themselves in terms of citizen privacy this is no longer an academic issue. Privacy and Liberty are interlinked.
Michelle says:
February 4, 2005 at 10:42 pm
Mr. Governor,
Anytime you want to get some facts behind your blog, this is my open invitation to you to come on over and have a chat about data privacy.
Data protection and accountability and what we are doing procedurally and technocally here at Sun Microsystems to improve data control for consumers and employees worldwide. I, for one, am extremely proud of my privacy team and would be happy to discuss the truth. I suspect blogging is more fun, but the offer stands.
If leadership means splashy conference booth stalls for you, then I will admit here now that you really won’t see as much from us. If you need a t shirt or a free pen to tell you that this issue is crucial, you can even send me your address and I’ll send you one if you feel that this is the lacking leadership you are not seeing from my team.
But, on the other hand, if leadership means agressive pursuit of technological solutions wherever appropriate and better understanding of the people and processes that use technology and must manage large and complicated information flows, Sun’s leadership should shine through the marketing noise. Check out our Java technology, IDm line, including audit, provissioning and Liberty enabled authentication product lines, our client solutions teams, our Sun Ray devices (with their green computing side benefit), Solaris 10, Trusted Solaris…and so on and so on. This is more than acalalog of products, this is the result of thinking about what it would mean if each of these things were connected to a network, if each of these technologies had to hold mission critical data, if each of these things had to live in a world of infomation demand loads 24×7.
Security & privacy are part of the specs before we build. That’s leadership and I’m proud of it.
The stock is hovering in the 4’s today. I am here because I am passionate about data protection for this generation and for the next that will struggle with the data decisions we make today.
Michelle Dennedy
Chief Privacy Officer, Sun Microsystems, Inc.