Monday, March 30, 2009

Automated Social Media Governance and Government 2.0

With the proliferation of Internet-based tools and forums to share information, deliver announcements or warnings and create collaborative networks, it’s become apparent that “self-policing” strategies for controlling and managing the risks involved in delivering content through the corporate firewall can’t mitigate most risks. Most corporations and government agencies do indeed require, as terms of employment and various legislation, that care be taken and policies or procedures followed when engaging in online public discourse or otherwise moving content from the corporate-controlled environment to the public Internet. Over the past years, many good tools and governance frameworks have been developed as a routine matter of enabling Internet content posting, distribution and syndication – but these have mostly focused on automation, protection and monitoring procedures associated with corporate-managed content. “Corporate-managed content” is defined as information products or artifacts that are specifically governed and managed by a combination of corporate policy, processes and information management systems.

The availability and use of Internet-based “Web 2.0” tools (when used with collaborative intent termed “Social Media”) from inside corporate and agency firewalls are exposing additional types of information and styles of communication that don’t fall neatly into the corporate-managed information bucket. These social media information types and communication styles are proving quite difficult to manage from many perspectives, including legal compliance, risk management, security, personal or corporate reputation management and overall productivity and return-on-investment (ROI).

Newer communication styles – such as those that result in creation of unmediated copies or renditions of original content - include things like “microblogging” (i.e. “Twitter”) and self-syndication, i.e. publishing content to sites like EzineArticles, Digg or public blogs, and enabling subscription to RSS feeds. These communication styles are used expressly for the purpose of enabling public propagation and information-sharing, for reasons ranging from actual corporate or agency public service mission, to marketing or simple relationship and reputation-building.

Newer information types (to be considered from a corporate information management perspective) include RSS-formatted messages, micromedia (i.e. small, highly-portable, low-bandwidth and standardized image or video files), tags and attributions, social media press releases, backlinks, comments and pingbacks – these are the currency of social media, and that which provides permanent, public evidence of collaboration.

Within the so-called “Enterprise 2.0” or especially "Government 2.0" context, these communication styles and information types aren’t so problematic – employee to employee socialization using corporate-managed Web 2.0 style tools is a low-risk, high-return activity, so long as it’s managed and monitored effectively. Many organizations have grown to understand and leverage information management tools to help control risk, productivity and costs associated with creating, publishing and sharing information internally. Systems that provide web content management, records management, business process and services registry/repository management, document management and various flavors of logging/auditing capabilities are well known and broadly-implemented. However, when these social media activities and content surface for public consumption on the Internet, unmanaged by corporate information management systems and associated with explicit or implicit attributes reflecting ownership, participation, intent, decisions, or opinion – the corporation or agency’s risk profile can rise dramatically, and asymmetrically.

Consider this use case. A government agency wishes to post a photograph and description of a road closure on the Internet, making sure that the information not only appears on local “traditional” media Internet channels and the agency’s own website and subscription channels, but also in local “user-generated” community websites, blogs, and discussion forums, as well as larger 3rd-party user-generated media sites that allow localization through keywords or other metadata. Basically, the news needs to get out to both the “pull” environments (i.e. online traditional media), and the “push” environments (i.e. online social dialogue environments). What’s the process?

A specific agency individual may be locally-empowered and trained to follow a procedure where, once the content is approved and loaded to the agency website with an associated press release, to further distribute the content through social media channels such as twitter, local community blogs and discussion groups, flickr and youtube. This activity, by this individual, can not only take a while, and miss important notification channels or groups, but also raises a number of questions regarding records management and government accountability:

  1. What keywords are used, to be sure that search engines find the information most efficiently?
  2. Are ALL policies, regulations and guidelines being taken into account, that may or may not be directly enforced by the “home” agency, but by other Federal oversight groups?
  3. Can the individual express opinion, either in the text copy or keywords?
    Are different social media channels and tools leveraged for different types of alerts like these, in different situations? To reach different audiences?
  4. Is there a standard and agreement by 3rd-party site owners that enables some degree of “authorized attribution” to the notice – i.e. this notice, and only in its issued form, is in fact “official”?
  5. How are records maintained of these postings and 3rd-party site updates? What about responses, are they monitored and associated with the postings, across multiple social media channels?

What’s the process for correcting misinformation, or “fat-fingering”?

The list of questions and concerns can quickly become very long, and range from the very abstract and strategic to very precise and tactical.

Therefore, the concept of “Automated Social Media Governance” is raised. During the process of creating, staging, publishing, distributing and monitoring digital content released to the Internet via Social Media channels, there exist many opportunities to (A) automate these new information lifecycle processes, (B) automatically enforce social media information management policies and (C) automatically monitor and respond to associated social media events.

It is important to note here the distinction between “digital content” and “digital assets” – in this paper we’re not focusing on digital content that’s expressly generated and monitored for revenue-generation purposes, and that has explicit monetary value (for example, widgets, photos or documents for sale). Rather, we’re focusing on digital content that by itself has no explicit value, but simply is an outcome of the corporation or agency’s communication or collaboration mission with the public. Digital Asset Socialization requires automated social media governance, but also requires additional governance and techniques associated with intellectual property protection, financial management and transactions, and cost recovery objectives.

Automating information lifecycle processes isn’t a new concept – but automating the business processes and 3rd-party tool utilization required to leverage social media, in a manner that integrates with internal SOA/ESB, Content and Records Management capabilities, is. Consider the creation of a blog-style comment with keywords and trackback url(s) within a corporate content management system. The creation of this information package can be appropriately recorded and approved with existing tools. The actual auto-selection and approval of 3rd-party destinations, “scrub” of content and keywords for appropriateness or policy, creation of a standardized “information exchange package” and release of information with appropriate attribution and security enforcement from the official source of record to the “open source” Internet community is a new concept. This concept isn’t yet built into typical enterprise web content management and publishing systems, and is usually always a mishmash of personal or office initiative, conflicting, ambiguous or casually-interpreted policies, and redundant, overlapping activities with no strategic plan. The ability to automatically track, monitor and perhaps respond to misuse, reuse or other manual or automatic reactions to the content that’s been posted isn’t part of typical enterprise web content management systems, either.

Should social media governance be automated, and to what extent? There’s one broad camp of opinion that espouses social media should be largely unfettered by heavy-handed policies and restrictive, burdensome data management processes (though obviously required in most secure government contexts) – it interferes with creativity, natural human interaction and the original intent of “social” Internet tools. Then there’s the very risk-adverse, highly-accountable camp of realists who by mission, job function or legislation must consider very closely the impacts of allowing unregulated information-sharing to cross corporate or agency boundaries of control. Regardless of the side of the control spectrum, there’s no doubt that some degree of social media governance automation can be helpful for risk mitigation, productivity or value optimization reasons. Simply including social media posts in the web content management workflow is probably a good idea, if only to record the outbound communication and targets, as well as preserve things like photos and videos in the format they were released for chain-of-custody and legal discovery purposes.

Blackstone Technology Group is currently helping many commercial and government clients navigate the Social Media environment, whether from a governance, policy and investment perspective, or from an information management and process automation perspective. This topic is raised now in nearly every discussion where user-driven collaboration and communication results in production of digital content that’s currently not managed or monitored by corporate systems, processes or policies. Blackstone can provide the expertise your company or agency needs to understand information sharing and management concepts associated with the use of Social Media and Web 2.0 tools, including implementation, governance, opportunities and risks. Blackstone can help you automate all the various facets of Government 2.0, Social Media Governance and Information Management, whether for purposes of publishing or collecting information through social media channels.


Anonymous said...

I recently came accross your blog and have been reading along. I thought I would leave my first comment. I dont know what to say except that I have enjoyed reading. Nice blog. I will keep visiting this blog very often.


Chris Boudreaux said...

Hi, Ted,

Thanks very much for your thoughts on this.

As companies wrestle with business cases, metrics and cross-business-unit investments in capabilities such as privacy, security and compliance management, many companies are finding it helpful to start with a framework such as this one to organize and prioritize their efforts:

And, for folks defining a social media policy, here is the largest online database of social media policies, for reference: