This would be mostly about rant. That’s it. My work with a particular client has been running since last year in developing a system to store and make simple analysis regarding all of their work, in short. Their substantial work, however, has ties with several bodies in the same level as theirs. These ties imply data connection between them and protocols with which data can be interchanged. From this point, they argue which data can be shared either publicly or internally.
The definition of secrecy, of confidentiality belongs to data-master, as I usually call it. The master has every right to declare which are confidential and which are not. In the latter case, the data might be in public domain for public review. The data-masters have their superior, their supervisor which has also every right to command them to release everything they have. At some point they, the data-masters simply agreed but later one person stood up and challenge the forum about possible consequences.
Personally attending the forum, I had to contribute one or two arguments, which were later considered as rude and sharp by my colleagues. Seeing that attendees seemed to be confused about which would be hidden in our system and which would be open for public, it was only fair to make a point or two for their misconceptions, in short sentence of course.
I beg your pardon for pointing this out again and again. From your requirement, you might let your data be visible on public domain. This aspect has been very clear for us from the beginning that public shall not see data on this level of detail. They are only to see, if necessary, the final data containing final result. The on-going data shall not be for them to see. For personal inquiry regarding their case and how far their case have been handled, they have been given credential unique to themselves to access such information. Therefore, I thought there is no need to expose our storeroom to all crowds.
A colleague of mine reprimanded me for being rude again but at this point, I couldn’t be anymore careless. It’s their data, their integrity, their system. While being maintained by me (and my friends, we formed a formidable team here), I, as representation of my team, cannot let our work be only a toy instead of serious collaboration.
The conclusion was that we would develop a prototype which would have intentional data breach. Such prototype would allow public domain to see data, which were deemed confidential at first but later requested to be public. This prototype, however, would not be deployed on formal server but on one PC which belongs to a colleague, from which all access would only be permitted from localhost.
Following meeting should be held afterwards with regard of this experimental and intentional breach. Different stakeholders, I assume, will either fight against themselves head on while figuring out why these data should be hidden and why not by request of higher authorities, or they would willingly submit to these authorities.