Comment by haswell
2 days ago
> for the government to have access to government data
It is very much under dispute whether or not the data has been used/shared in a legal manner.
Imagine a new CEO arrives at <b2b platform tech company> and has stated their top goal is to cut costs and improve efficiency.
Then imagine this CEO brings in outside technical people and instructs the existing security team to grant full access to all customer data. They plan to analyze this data to assess how customer’s use of the platform impacts operating costs.
This would be insanely inappropriate and would likely breach customer contracts and break privacy laws. It is of little comfort that the “breach” is wholly “inside” the company.
In almost every large organization, there are numerous internal boundaries that large amounts of data should never cross for any reason. Framing this as “the government having access to government data” is problematic, for the same reason a tech company allowing unfettered access to customer data for some analysis project could not be described in good faith as “the company having access to company data”.
Exactly who it is within the organization that has access to the data and how that access aligns with existing laws/policies is extremely important.
I work in consulting. When we sign statements of work, there are confidentiality clauses. Say we had an internal sales tracking system and then our company decided to move to SalesForce and hire McKinsey to do the conversion at the bequest of the CEO.
Our company would sign a confidentiality agreement with McKinsey.
This would be perfectly valid.
There are restrictions that some clients put on consulting companies like everyone on the project has to go through background checks, be US citizens (some government contracts) or have security clearance. But those are some other rules that Musk and team are breaking.
In other words, any contract between businesses usually has a broad chain of confidentiality that goes down to subsidiaries and sub contractors.
I think a better analogy would be high value data in high espionage environments like GPU trade secrets at TSMC or nuclear secrets, not military codes, but maybe knowledge about the production process. Individual tax payer data is well above the value of commercial data as it can be used in chain attacks to compromise much of our society.
Imagine working IT and having to train people that even when their jobs are directly threatened they are still supposed to withhold data, and then those same people are fired anyways for complying with security policy.
And people are gleeful that these people are losing their jobs.