Well here’s a story where the tradeoff for speed and efficiency caused a massive stock dump erroneously.

Apparently, many traders use automation software that trolls the Web for news stories and then, depending on what it finds, executes stock trades automatically. It was United Airline’s bad luck that an old article about its 2002 bankruptcy-court filing showed up on Google’s news service and somehow made it to the list of most popular stories. In one of a series of mistakes here, the story had no date on it – which means Google’s algorithm for assessing popularity didn’t have a way to exclude it as an “old” story – OR (because there are conflicting accounts) the South Florida Sun-Sentinel actually put “today’s” date on the page that the story appeared on. This got picked up by the Income Security Advisors newsletter and sent over to Bloomberg News as a one-line brief. Plus there’s the inevitable conspiracy theory that people manipulated the web traffic for this story to adversely affect UAL. Regardless, on Monday afternoon, the stock plunged 76% in less than a day.

But the real problem here is the growing use of automated programs to trigger stock trades without any human interaction – instead based on news headlines and earnings data. According to the Wall Street Journal, these automated programs were responsible for a very surprising 25% of NYSE trades in the last week of August.

I’m sure we’ll hear more as the lawyers are now involved trying to figure out who should get the blame.

Complicating factors is the impact (or lack thereof) of incidents on stock price.  Many researchers who identify themselves with the New School of Information Security (yours truly included) want to immediately look at stock price as a bell-weather metric for incident impact.  I think this stems from our days of slinging FUD, back when we could scream “Buy a firewall or we’ll have an incident and you’ll be on the front page of the paper and the stock price will go down!”  But these days notable incidents seem to suggest that the impact on stock price for an incident is short lived.  With qualifications, of course.

So what would/should we make of this from Money.co.uk?

£12million ($24m) Wiped off Helphire Stock after Malicious Email Sent to Clients

Car hire firm Helphire have taken Google to court after a malicious email sent from a Gmail account saw their shares plummet £12million in a single day.

The Bath-based business who specialise in providing replacement cars to ‘no-fault’ drivers involved in accidents on behalf of car insurance companies, initiated legal proceedings against the search engine giant as part of their attempt to find out who is responsible for sending the defamatory mailing.

Google are now known to have complied with the court order and have controversially supplied details of the email account and ISP used by the meddler.

Written under the psudoname Peter Franks, the 1200 word email is know to have been sent from a gmail account that was opened specifically for this purpose and closed a few minutes after the damage had been done…

…The misdemeanour couldn’t have come at a worse time for the struggling firm who have undergone a £45million rights issue and seen a 75% drop in the value of their stock already this year.

That last paragraph, for me, explains some of the difficulty in tying reputation damage to stock decreases.  It’s like when you read the headlines from Bloomberg about why the days stocks (or commodity) prices are up or down.  You know, the “Oil closes $3 higher on news that a notable South American dictator has a rather unpleasant boil in a very uncomfortable area” type of headlines.  You really do have to question the causality and correlation.  So in the Helphire case above - is this new drop in stock really because of the email sent?  If so, should we view that $24mil number as an independent data point to describe this sort of attack on reputation, or is the magnitude aggravated due to the long-term trend of stock price?

Even when we have “Objective Data” (an in-joke for Adam S.) like this decline in stock price, it is really difficult to provide any sort of precise estimate or measurement - about the future, present or past.  The best we can do is use ranges, distributions, that are reasonable based on evidence and observation.

So it’s worth filing away this sort of datum for future use - while dutifully acknowledging the qualifiers we might place around it.

So the questions I ask here - what should we make of this new information, and how should we view the $24million drop - they’re not rhetorical.  I am very interested in your views and welcome your comments!

Internet Archive offers fiber-based service to public housing project: Forget Wi-Fi. How about 100 Mbps to each apartment in a 260-unit project (Valencia Gardens)? That's Brewster Kahle, Internet pioneer and all-around good guy, written large. His efforts intend to put high-speed service into 2,500 units, mostly by the end of the year. The project ties into city-owned fiber, and is routed through the archive's high-speed NOC. With this project and the Meraki Free the Net mesh effort, San Francisco could move out of the status of a developing nation in terms of widespread broadband access.

Boston Wi-Fi project launches: The first pilot project under the direction of Openairboston launched today, with a square mile in Roxbury and Dorchester, passing about 8,000 homes. Service is free for 30 days, then $10 per month thereafter.

Open Range Communications gets $267m loan for rural broadband: The funds are intended to push service into an extraordinary 518 rural areas across 17 states. They've raised $100m privately, too, GigaOm reports. They won't deploy just one set of technology, but will sublet spectrum and use a satellite range for ground service, Om Malik writes.

Chrysler will put Wi-Fi into cars: Bloomberg News reports that Chrysler intends later this year to offer dealer-installed cellular Internet links in cars. The Chrysler chief for this effort misuses the term Wi-Fi, though, as it's cell data with car drivers required to obtain a cell subscription. The service will move to factory-installed after 2008. There's not much detail on what drivers and passengers will be able to use the service for in this brief article.

Wi-Fi chip shipments dectupled in five years; revenue quintupled: ABI Research notes that 440m Wi-Fi chipsets will ship in 2008, 10 times greater than in 2003. However, revenue is just 5 times higher, which shows how even with more advanced chips in the mix, the race to the bottom continues. Broadcom was the leading vendor in ABI's analysis.

Date Reported:
2/22/08

Organization:
LGT Group - The Wealth and Asset Management Group of the Princely House of Liechtenstein
English Version
German Version
French Version
Italian Version

Contractor/Consultant/Branch:
LGT Treuhand AG
(LGT Trust Ltd in English)

Victims:
Clients of LGT Trust (prior to 2002)

Number Affected:
~1,400*

*there may be an additional 4,527 beneficiaries affected.

Types of Data:
Confidential bank account information.

Breach Description:
Confidential customer information was stolen from LGT Trust in 2002 by a former employee of the company.  As a result of this breach, Heinrich Kieber was convicted of "serious fraud, dangerous threats, unlawful compulsion, and suppression of documents."  Now it appears that German authorities paid Mr. Kieber "as much as 5 million euros ($7.4 million)" for information about German account holders for the purpose of investigating tax evaders.  Other countries that are interested in the information allegedly stolen by Mr. Kieber include the United Kingdom (U.K.), the United States (U.S.), Australia and others.  Mr. Kieber now has a new identity (possibly as part of the arrangement with Germany) and his whereabouts are unknown.

Reference URL:
LGT Group Media Communique dated 2/24/08
[Evan] Highly recommended interesting read
The Australian online news story
Bloomberg.com online news story
MarketWatch online news story

Report Credit:
Chad Thomas, Bloomberg.com

Response:
From the online sources cited above:

For LGT Group, all the facts now point - despite contradictory statements form sources said to be close to the German intelligence service - to the fact that the data material illegally disclosed to the German authorities is limited, in as far as LGT is concerned, to the client data stolen from LGT Treuhand in 2002.

Even though other rumors have been circulated about the occurrences, LGT Group is assuming on the basis of numerous indications that the person, who illegally passed the data on to the German intelligence service, is the same former employee of LGT Treuhand who stole the data in 2002.

Apparently, the stolen data material has also been illegally disclosed, directly or indirectly, to other authorities.  According to reports in the media, the previously convicted offender was paid a sum of several millions for the information and was provided with a new identity.

this is a possibility that law firms were interposed as intermediaries.  LGT will now re-register its report of a criminal offence committed by a person unknown directly against the convicted data thief.

approximately 1,400 client relationships with LGT Treuhand, which were established before the end of 2002.  The largest proportion, about 600 clients, are resident in Germany.  The figure circulated in the media of 4,527 sets of data represents the number of beneficiaries of all the foundations

it has become increasingly clear that the so-called "informant" of the BND German intelligence service is indeed the same convicted data thief who illegally disclosed the client data in 2002

Acting on the information, German authorities raided the home of one of the country's most high-profile executives, the chief executive of Deutsche Post AG, alleging he evaded paying about E1 million in taxes.

The government, which paid as much as 5 million euros ($7.4 million) for information on German account holders in Liechtenstein on a disk provided by an informant to the Federal Intelligence Service, or BND, will share this information with other countries, the finance ministry said today.
[Evan] You mean to tell me that its possible (and acceptable) to steal confidential corporate information and sell it for big bucks?  German authorities paid over $12,000 per record (7,400,000/600)!  The question is, is this an informant or a data thief cashing in?

U.K. tax collectors, after initially turning up their nose at an informant's offer to sell them confidential data from a Liechtenstein bank, have now paid up and have information on about 100 wealthy British subjects

they were persuaded to pay the informant around 100,000 pounds only after Berlin tax officials launched in recent weeks a high-profile crackdown on Germans with money said to be stowed away in Liechtenstein
[Evan] The UK got a deal.  They only paid ~$2,000 per record.

Australian authorities have been given details of Australian clients of Liechtensteinische Landesbank (LL, according to reports in the Wall Street Journal and Guardian newspapers.

"The Australian Tax Office does not pay for information about tax schemes," an ATO spokeswoman said. "Nonetheless, we have a good flow of information from people concerned about fairness and equity in the tax system."
[Evan] The best deal of all.  Australia got the stolen information for free!

The former employee, who was convicted of the data theft, is a Liechtenstein citizen named Heinrich Kieber (HK).

He was active from October 1999 as an external employee of an IT-company, and from April 2001 to November 2002 as an employee of LGT Treuhand.  At the time of his recruitment and during his employment with LGT Treuhand, he had not been previously convicted of a crime.  However, as would become known later, an arrest warrant had been issued against HK, which was not accessible for examination during the standard checks carried out on new employees.

This arrest warrant was linked to a real estate deal in Spain in 1996, which HK had allegedly financed with uncovered checks, and was issued by the Spanish criminal prosecution authorities in 1997, firstly at national and subsequently at international level.

It has been reported that he (Heinrich Kieber)  has been given a new identity and is living in Australia.

Commentary:
This is a very intriguing story and one that will take a while to shake out.  I am a little torn by the series of events, and struggle with the ethics of it all.  I don't think Heinrich Kieber is any kind of hero by any means.  I think he is a common thief that just received a huge payday.

A couple of questions to think about:

• Do you think Heinrich Kieber is lucky criminal, or do you think he is an honest "informant" and "whistleblower"? 
  
• If he were truly an honest guy, why would he shop the confidential information around like he did and not give it freely?
• Do you think this story will encourage other insiders to follow suit?
  

Q: Prior to 1870, street corner fire alarm pull boxes were kept locked. Why were they kept locked and how did a person gain access to 'pull the box?'

A: They were kept locked due to false alarms. Nearby shopkeepers or beat cops carried the keys.

Here's Robert Cromie, writing in The Great Chicago Fire (Thomas Nelson: 1994), page 33:

William Lee, the O'Leary's neighbor, rushed into Goll's drugstore, and gasped out a request for the key to the alarm box. The new boxes were attached to the walls of stores or other convenient locations. To prevent false alarms and crank calls, the boxes were locked, and the keys given to trustworthy citizens nearby.

What happened when Lee made his request is not clear. Only one fact emerges from the confusion: No alarm was registered from any box in the vicinity of the fire until it was too late to do any good.

Apparently, Lee said that Goll refused to give him the key because he'd already seen a fire engine go past; Goll said he actually did pull the alarm, twice, but if so it must not have worked.

(There's more about what sounds like a really bad communications failure, but it's a little too hard for me to read on the Amazon website.)

Here's more:

But did you know that the fire burned for over half an hour before an alarm was ever sounded? Alarm boxes were actually kept locked in those days, to prevent false alarms!

When the first alarm box was finally opened and the lever pulled, the alarm somehow did not get through. The fire dispatcher was playing a guitar for a couple of girls at the time and he kept on serenely strumming, completely unawares. After the fire had been growing and blazing for nearly an hour a watchman screamed at the dispatcher to sound an alarm, which he did, and the first three engines, two hose wagons, and two hook and ladders were sent out -- but in the wrong direction!

At first the dispatcher refused to sound another alarm, hoping to avoid further confusion.

Compare this with a proposed law in New York City that will require people to get a license before they can buy chemical, biological, or radiological attack detectors:

The legislation — which was proposed by the Bloomberg administration and would be the first of its kind in the nation — would empower the police commissioner to decide whether to grant a free five-year permit to individuals and companies seeking to "possess or deploy such detectors." Common smoke alarms and carbon monoxide detectors would not be covered by the law, the Police Department said. Violations of the law would be considered a misdemeanor.

Why does the administration think such a law is necessary? Richard A. Falkenrath, the Police Department’s deputy commissioner for counterterrorism, told the Council’s Public Safety Committee at a hearing today, "Our mutual goal is to prevent false alarms and unnecessary public concern by making sure that we know where these detectors are located and that they conform to standards of quality and reliability."

The law would also require anyone using such a detector -- regardless of whether they have obtained the required permit -- to notify the Police Department if the detector alerted them to a biological, chemical or radiological agent. “In this way, emergency response personnel will be able to assess threats and take appropriate action based on the maximum information available,” Dr. Falkenrath said.

False positives are a problem with any detection system, and certainly putting Geiger counters in the hands of everyone will mean a lot of amateurs calling false alarms into the police. But the way to handle that isn't to ban Geiger counters. (Just as the way to deal with false fire alarms 100 yeras ago wasn't to lock the alarm boxes.) The way to deal with it is by 1) putting a system in place to quickly separate the real alarms from the false alarms, and 2) prosecuting those who maliciously sound false alarms.

Generally, practitioners I know would trust Bloomberg in a majority of the raw figures that they give out. But when it comes to calculations, some would take them with a grain of salt. Personally, I find the risk solutions of Bloomberg to be less than adequate for the following reasons:

• Limited instrument coverage
• Not flexible
• Lack of transparency (Black Box)

But of course, it would never hurt to sit in a Bloomberg seminar and learn best practice (if ever they are presented) and to discover some new things that our beloved system has to offer.

And now for the seminar details.

Topics:

• Importance of Market Risk Management
• Risk measures for fixed income securities and derivatives
• Reliable data for your risk management systems
• Market risk management in alignment with Basel Accord
• Algo Risk on Bloomberg - a pre-integrated, real time market risk solution

Speakers:

• Nestor A. Espenilla, Jr. - Deputy Governor, Bangko Sentral ng Pilipinas
• Seet Kok Leong - Head of Algo Risk (Asia Pacific), Algorithmics
• Jiten Bhanap - Product Specialist, Bloomberg L.P.
• Ivan Koh - Regional Data Solutions Manager, Bloomberg L.P.
• Neo Siang Noi - Trading Systems Sales Specialist, Bloomberg L.P.

Date:

15 August 2006

Venue:

Makati Shangri-la Manila, Ayala Avenue corner Makati Avenue, Makati City 1200, Philippines

Time:

9:30am - 2:00 pm

Registration:

BU on Bloomberg

email: awang@bloomberg.net

tel: +63 2 849 7100 loc. 4794