Sent: Thursday, March 06, 2003 7:48 AM
To: johnsumser@interbiznet.com
Subject: xr-xml
Your diatribe today does you no credit. I
respect how difficult it is to write every day and avoid some bad ones. That's
why you should remember this one- one of the items that should not have seen
the Send button.
The language and tone you selected diminishes
your idea, which seems a bit of a reach anyway. The vendor list you linked is
filled with heavy hitters, and one would think they have a reasonable handle
on their potential liability. Monkeys and Clowns they are not.
Who, other than people in the background
checking field, would have the expertise to write a spec to exchange data ?
Why not focus on the laws around the original
creation and later use of the data, rather than the mere mechanics of its
transmission ?
Do you have any constructive proposals to
allow data interchange without total custom coding for every new node ?
Your next column ought to say you were up
late or had one too many double lattes and you regret the tone, if not the
premise, of today's ramble.
Martin Snyder
Main Sequence Technologies
www.mainsequence.net
440.946.5214 #5300
martin@mainsequence.net
From: John Sumser <john@interbiznet.com>
Sent: Thu 3/6/2003 12:16:50 PM
Subject: RE: xr-xml
Sorry, Martin. The idea that industry
insiders can handle this question on their own without adult supervision is
bogus. A self-serving design process holds the entire industry hostage to the
changing realities of privacy concerns. The efforts of HR-XML are already
becoming concerns for a range of civil libertarians because they made no
effort to include privacy advocacy in the process. It is a behind closed doors
activity in an age where transparency is becoming the norm.
I do expect some flack but think that the
proposition is far from being a "bit of a reach". If I stirred a
hornet's nest, it was intentional. I hate having to pick up the role but no
one seems to be trying to hold our industry accountable in an age where
privacy is a major concern.
For example, any spec on handling sensitive
background information should have, as a minimum, the capacity to contain the
approval, comments and management capabilities for the individual being
screened. This is a relatively standard requirement yet the spec ignores it.
The very management of personal identity information is the issue here. The
work of the HR-XML group tramples over individual rights because there is no
counterbalance in the structure.
From my perspective, a venture like HR-XML
ought to stand for something more than the collective business interests of
its members. Without a higher set of values, it's just a scheme to
institutionalize the desires of its members and ought to be aggressively
discredited.
With your permission, I'd like to print your
note and my response as a column.
John
From: Martin Snyder [mailto:martin@mainsequence.net]
Sent: Thursday, March
06, 2003 11:39 AM
To: John Sumser
Subject: RE: xr-xml
If you feel data interchange tools should be regulated by some
authority, that's a reasonable idea and perhaps the FTC or some other agency
or legislative body ("adult supervision" ) should take that up.
What can an industry standard group be expected to stand for BUT the
collective business interests of its members? If the regulatory and market
environment is sound, those business interests should align with the interests
of the customers they serve- i.e. firms and the public. Our industry should be
as accountable as any other – and the FCRA and HIPAA laws certainly apply to
HCM and exchanging data with XML offers no effect to reduce those
responsibilities.
You should support the need for a workable XML standard- you often lament
that our industry is backward, yet defined XML standards are well accepted in
the manufacturing, finance, and logistics industries and are needed now for
greater interoperability of Human Capital Systems.
If data is misused, don't blame system designers, blame individual
organizations and bad actors. Like the NRA says, Computers don't violate
privacy- Humans do.
From: "John Sumser" <john@interbiznet.com>
Reply-To: <john@interbiznet.com>
To: "Martin Snyder" <martin@mainsequence.net>
Subject: RE: xr-xml
Date: Thu, 6 Mar 2003 12:13:46 -0800
You'd expect that I'd try to have the last
word.
It is in the business interests of the
consortium to provide the equivalents of guns with safety mechanisms. The
problem is that without a broader set of insights in the process, they have no
way of knowing that. Right now, they are producing unsafe designs and have no
effective controls on their work. By shrugging their shoulders at obvious
liability issues, they are delivering inherently flawed output.
John
From: Martin Snyder [mailto:martin@mainsequence.net]
Sent: Thursday, March
06, 2003 1:30 PM
To: John Sumser
Subject: RE: xr-xml
I accept that, and I'm looking forward to
reading it ;-)
When we boil down the point to the essence,
its something that can be acted upon.
MS