Left unattended, things decay over time, and I would argue this includes trust. While everyone may already know this, nonetheless this concept just hit me as an epiphany while I was noodling at a recent national security-related think tank. It suddenly struck me as obvious – that personal information one entrusts to a friend in confidence has a risk of future unanticipated disclosure that increases in relation to the elapsed time over which one has grown apart from this person.
I’ll bet this is true of for everyone. Have you ever told someone something very personal, someone who you have not spoken to in some great time? Would you consider this “secret” equally safe as when you first decided to share this confidential tidbit? Well if it is family, a counselor, someone governed by some legal mechanism, etc. fine – but what about everyone else? What about long gone co-workers, old roommates or that x-girlfriend?
So, I started thinking about trust in terms of a half-life, in the same way Carbon-14 has a half life.
The government re-investigates certain employees with Top Secret clearances every five years, while other government employees are subjected to polygraph testing every single year. Your creditors/lenders typically check your credit report every few months to determine if your trustworthiness (responsibility for debt) has changed. And, many employers require that their employees change their password every 90 days to account for the risk that you may have compromised the security of this secret – all examples that trust decays and evidence that trust must have some half-life.
Different kinds of relationships will have different trust decay cycles. Immediate family for example, would typically have a longer half-life than a former classmate who has since gone their own way.
Therefore, I contend that virtually all confidential information would be subject to this trust half-life … as over time and with near certainty it will be disclosed to a broader audience than originally intended, of which some contributing factors would include the number of holders of such information and the degree the holder(s) are left unattended.
What does this mean? And what do we do about it? Well to be quite honest, I am not sure. Maybe the government’s half-life for big secrets is so short that its five year background re-investigation (i.e., a large “unattended” window) does not provide sufficient trust – which may in turn contributes to the fact that organizations are often challenged to information share and collaborate even amongst themselves. And if this was true, then perpetual employee vetting (e.g., Perpetual Analytics deployed for continuous backgrounds checks) might change the slope of the half-life curve, which in turn might lead to better teaming and real process improvements.
I welcome your comments, as I would be very curious to hear what, if anything at all, you might make of this.