As the Bloomberg terminal scandal plays out, two camps are ratcheting up arguments. This is overblown. And we need to regulate electronic platforms.
But amid the controversy, the data breach offers uncomfortable lessons about how we conduct modern business in a digital era—and how we're unprepared to ensure online transactions remain secure and private.
Seemingly everyone, from our employers to doctors, collect electronic data. We sign confusing waivers. We share massive amounts of information through e-mails and cloud computing platforms. All this digital data is stored somewhere. And archived. And how it's used exactly can be unclear. As data piles up, stop gaps to ensure protection aren't keeping pace, risk management experts say.
And perhaps even more worrisome, we're collectively more tolerant of leaving behind our digital footprint—few to no questions asked. "Our risk threshold for how data is collected and being used is going up," said Chris McClean, an expert on risk management and corporate responsibility at Forrester Research. "But we're not calling out companies on bad behavior," he said.
Bloomberg News: 'Holding Ourselves Accountable'
A Goldman Sachs complaint sparked revelations that Bloomberg journalists had been able to access log-in details of top officials, including Federal Reserve chairman Ben Bernanke and former Treasury Secretary Tim Geithner. Bloomberg, a private company, now faces inquiries from the UK, U.S., German and European central banks and the U.S. Treasury. Banks' concerns, meantime, about online security are growing. Citigroup is banning traders in its foreign exchange division from accessing internal chat groups on their Bloomberg terminals, the Financial Times reports.
Bloomberg News Editor-in-Chief Matthew Winkler addressed the accusations of violating users' privacy in a May 13 article. "Our reporters should not have access to any data considered proprietary. I am sorry they did," he wrote. "The error is inexcusable."
On Friday, Bloomberg said it appointed Samuel Palmisano, former chairman and chief executive of IBM, to serve as an independent adviser on the company's privacy and data standards.
As inquiries into Bloomberg unfold, a key question and business lesson will be contract language, Forrester's McClean said. What details about use of clients' data were agreed upon between Bloomberg and its data-terminal customers?
(Read More: BloombergBlack: A Threat to Its Terminal Clients?)
Big Data Risks and Temptations
Corporate controversies are nothing new. But what's striking—and particularly instructive—about Bloomberg's error is its online nature. Large databases are being gathered about customers, a trend sometimes called big data. And mining those massive pools of information can unearth trends that no human eye could glean without technology and software.
It's this treasure trove of data—and all its buried promise, just waiting to be tapped—that makes online data abuse so enticing. "Digital data in particular makes it a lot more tempting" to cross the line, said David Frigstad, chairman of consultancy Frost & Sullivan.
Need for Best Practices
In other words, clear guidelines need to be in place as big data only grows. Workplace instruction should also continue well after new employee orientation, said Frigstad, an expert on corporate cultures.
And in Bloomberg's case, the temptation for misconduct is right there on reporters' desks. Bloomberg journalists use the same data-rich terminal-computers—that clients have—to write stories and produce other original content.
"From the point of view of the person, whose directly perpetrating it (the error), it's probably not an outrageous act," said Donald Palmer, a management professor at the University of California at Davis. "The terminal is right in front of you."
Mixing Terminal Sales, and a News Operation
Bloomberg LP is a financial data and news empire created by New York City Mayor Michael R. Bloomberg. Bloomberg News opened shop in 1990, and its origins can be traced to its terminal business.
Created years before Google, Wall Street pays thousands of dollars for a Bloomberg machine. You use an elaborate, colored keyboard and shortcuts to access news and data. Through the terminals—available years before smartphones and Twitter—traders also receive news flashes on screens, which allow them to make trades and money in seconds.
The company has mushroomed from an initial team of six dedicated employees to 2,300 professionals across 72 countries. Bloomberg won BusinessWeek from McGraw-Hill in a bidding war in 2009.
It's precisely this cocktail of news gathering and terminal sales that poses risks—and offers another salient lesson in pursuing too much under one roof. "It can be a recipe for disaster," Forrester's McClean said.
Consistent, internal guidelines are key to ensuring privacy standards. "The more complex the organization is, the harder it is to create rules that fit," said Palmer, author of "Normal Organizational Wrongdoing: A Critical Analysis of Theories of Misconduct in and by Organizations (Oxford University Press, 2012)."
(Read More: In Bloomberg Uproar, Media Ethics Flags)
Pressure to Be 'Thought Leaders'
For Bloomberg journalists, the opportunity for error may have been compounded by a particularly aggressive culture, combined with high standards for customer service. "Bloomberg tried to convey the ethos that everybody was responsible for its success," Palmer said.
Bloomberg's culture also includes "a great pressure to be great thought leaders and get ahead. And the easiest way to do that in any organization is to cross the line of ethics," Frigstad of Frost & Sullivan said. That risk "exists in probably every company with big data analytics. ... It's a huge problem and it's going to get worse before it gets better," he said.
(Read More: BloombergBlack: A Threat to Its Terminal Clients?)
Regulation on the Horizon?
Bloomberg's spying scandal has naturally raised questions about regulation. The Commodiity Futures Trading Commission has discussed possibly monitoring electronic platforms, Commissioner Bart Chilton told CNBC last week.
Regulation aside, risk experts are most concerned about lax privacy and data standards in a complex, data-heavy business environment. Egregious corporate malfeasance on the scale of Bernie Maddoff is rare. What's more common is foot soldiers, making small, incremental missteps, when the playbook isn't clear—or the goal posts keep moving.
"More often than not it (wrongdoing) is perpetuated by ordinary people like you and me, who find themselves in situations, where forces were operating on them. You go with it," Palmer said. In the heat of the moment, "wrongdoing often isn't so much different than doing right."
(Read More: Small Business Rulebreakers Get Competitive Edge)
(Disclosures: Bloomberg is a competitor of CNBC in reporting and distributing business news on the Web and on television. Heesun Wee is a former Bloomberg News employee.)