Chapter 3: The structural environment – Organisational Culture for Information Managers

3

The structural environment

Abstract:

This chapter provides the context relating to the structural environment that impacts on information management in organisations. This includes language, technological infrastructure and the legislative environment. The main areas of legislation considered relate to privacy, the protection of personal information; copyright, the ownership of information; and freedom of information, the rights of citizens to access official information. This chapter does not attempt to provide definitive discussion of these topics, but merely sets out to establish the main features of each and to highlight those features which may influence the management of information in organisations.

Key words

legislation

privacy

copyright

freedom of information

legal deposit

archives legislation

Introduction

The objective of this chapter is to specifically include national and regional factors that will be influential in shaping organisational cultures, but which may be missed if the focus is restricted to national cultural dimensions.

The need to take a holistic view of the political, legislative and social environment rather than restricting consideration to national cultural dimensions can be illustrated by looking at the example of Estonia, one of the Baltic states. Estonia has a long history of occupation by successive foreign powers (Denmark, Sweden, Germany and Russia), and for much of the twentieth century (1940–1990) was part of the Soviet Union (Raun, 2001). According to Hofstede’s dimensions, Estonia’s profile is very similar to that of Finland (‘Geert Hofstede Cultural Dimensions’). A study of managerial values, however, found significant differences between these two countries (Alas et al., 2006).

In terms of industrial development, in relationship to other newly independent countries in Eastern and Central Europe, Estonia has been categorised as a high level medium adaptor (Hyder & Abraha, 2008: 293). These authors comment that Estonia is culturally closer to Sweden and Finland because of historical business and social links, and also that industry is doing well in terms of privatisation, adaptation and modernisation.

In 2004, Estonia became a member of the European Union. Regionally it is referred to as one of the Baltic states, thus is grouped with Latvia and Lithuania. Legislation relating to information management in Estonia appears to be accorded a high priority as archival and legal deposit legislation has been updated in recent years (Euronomos: European Archival Information Online, 2009; Suneksemplari Seadus, 2009). Given the amount of work required as a consequence of legislative changes following independence in 1991, the fact that these acts have received attention indicates a high importance accorded to these areas. Hong Kong was in a comparable situation in terms of the magnitude of change as the territory was handed back to China from Britain, but as will be seen later in this chapter the legislation enacted in the pre-handover period showed that information management concerns were not a priority.

Similarly, the existence and status of public policy relating to information management will vary according to country, reflecting different levels and areas of concern. Estonia provides an example of a state where explicit and well-documented policy has been developed relating to cultural heritage, both analogue and digital (Ministry of Culture, 2008). Preservation of that heritage is the focus of much attention and activity, as is evidenced by the ‘Red Book’ strategy (Konsa and Reimo, 2009). Public policy relating to the development of an information society post-independence is explored in depth by Runnel et al. (2009).

This brief snapshot of a country has used Estonia as an example to show the complex web resulting from, and continuing to be shaped by, historical and current relationships. All of these relationships will have some degree of influence over the way in which information is managed in organisations in specific countries.

Continuing our examination of the context that organisations are situated within, any consideration of their culture has to take into account the laws and regulations within which they operate. This chapter begins with consideration of the importance of language and technological infrastructure issues. It then provides an overview of the regulatory environment in general terms, and then considers three main areas in more detail: privacy, copyright and freedom of information legislation. These three are of critical importance to information management, and although the concepts are internationally applicable the manifestations of particular legislation varies greatly. Indeed, some researchers have suggested that national cultural characteristics are influential in shaping this environment. I will also consider the extent to which employees are aware of and accept the provisions of this legislation, as this is another important factor to take into account in assessing organisational culture.

Language

Language is a key factor that will need to be taken into account when considering organisational culture and the need to manage information. It is of course inextricably linked with culture, but it is worth singling out for separate discussion in order to emphasise information management consequences which may arise due to the use of different languages, and because of the implications of the use of different character sets for digital accessibility and sustainability issues.

Of particular interest are the differences between high and low context languages, which has been associated with variations in information-seeking behaviour (discussed earlier in Chapter 2). Research into high and low context differences appears to be largely limited to exploring Asian and Western comparisons (see for instance Li-Jun Ji et al., 2009) whereas there is considerable difference to be found even among European languages in the degree of context required. There is undoubtedly a need for much further investigation in this area, which has the potential to be very significant for information management.

Particular problems can be associated with languages based on non-Latin script. The international standard for character encoding (ISO 8859) for instance does not even include Chinese characters because of their complexity. Nevertheless, the use of standards for encoding to take into account diacritical elements in different languages is enormously important if there are aspirations to enable equal access to people speaking those languages. The Norwegian government has announced that the character sets used by public sector organisations have to conform to UTF8. This is to make sure that characters in Norway’s minority language, Sami, and others can be displayed correctly.1

Requirements to use more than one language, and willingness to do so, will certainly influence information management concerns. Multilingual websites, for instance, dramatically increase possibilities to access information beyond national and linguistic boundaries. However, the complexity involved in ensuring that versions are up-to-date and translations are authoritative cannot be underestimated.

The small country of Estonia provides some insight into the defining nature of language, and the consequences of this for information management. Estonia’s language policy is said to illustrate the importance of language in defining national identity (Rannut, 2004). The country’s national awakening in the late nineteenth century was preceded by a steady increase in publications in Estonian and marked by the standardisation of a new writing system and acceptance of the Northern dialect as the national language (Raun, 2001). Towards the end of the Soviet occupation of Estonia in the 1980s, the status of the Estonian language was seen as a critical characteristic essential for the survival of the nation and its culture (Raun, 2001: 235). Changing relationships with other powers has influenced choices relating to other languages; most recently, English has become the preferred second language to be taught in schools. A consequence of this will be that direct access to primary information sources relating to the recent past will be more problematic if future Estonian citizens do not have the appropriate linguistic skills.

Regional technological infrastructure

The capability and capacity of the organisation’s internal information technology systems will of course impact on the nature of information management services. But it is important to take a step back and consider the broader environmental context, because this dictates the opportunities and constraints that are the parameters for internal development. In addition, regional capabilities will influence the extent to which employees are restricted to working within organisational boundaries, their acceptance of organisational limitations and/or need to develop alternative solutions.

Today’s social networking, or Web 2.0, environment offers a huge range of possibilities for alternative ways of working. When it is no longer necessary to be in a designated physical space in order to work, a whole range of issues that may make life much more complicated for information managers arise. People are able to log into their work systems such as e-mail and conduct business from remote locations. Voice-over-internet protocol software such as Skype enable realtime global communication. Computing in the Cloud, using cyberspace as a vast open-plan office and storage repository opens up possibilities for collaborative working alongside issues that are only now emerging, such as ownership and responsibility for data.

In addition, portable storage devices enable employees to carry vast amounts of data off work premises, and also of course raise huge risks in terms of loss and unauthorised access to information.

Underlying people’s ability to take advantage of these features is the need for adequate equipment, power and access to information technology. There will of course be huge contrasts in the facilities available in western developed countries from those in third world and developing countries, on the other side of the digital divide. But some features of the Web 2.0 environment may enable digital working in ways not previously possible in countries without a robust technological infrastructure. Contrasts are also apparent among countries in the developed world, largely due to telecommunications policy and the associated infrastructure.

Free wireless internet makes a huge difference to the extent to which the flexibility of communication will be taken advantage of, and incorporated into working outside the bricks and mortar of traditional organisational boundaries.

Also, of course, it is important to bear in mind that if the regional technological infrastructure is one which facilitates the use of these new tools and features, organisational policy should reflect this reality. Otherwise the result may well be sabotage of internal information management systems. Whether this sabotage is intentional or accidental, the result will be the same as people develop their own workarounds.

I encountered an instance of the complexity of this new environment when consulting for a public sector organisation based on one of the island nations of the South Pacific. Internet bandwidth was limited, and an attempt to develop an online document repository that could be accessed remotely failed because download times were excessive. The organisation focused on developing approaches to restrict internet usage where possible, in order to make better use of the bandwidth that was available.

One of the results of this strategy was to ban the use of Skype, as this was viewed as software which presented an excessive drain on bandwidth. Furthermore, Skype was perceived as a tool that was used for social, rather than work purposes. However, employees had developed their own communication practices as an integral feature supporting and facilitating their work, and Skype played a central role.

The functions of this organisation meant that employees travelled a great deal, largely to Pacific island nations that were even more remote. One of the primary purposes of travel was to take part in meetings which involved high-level negotiation of policy spanning different jurisdictions. Skype was used wherever possible as a quick and easy way of checking back with colleagues and managers, especially to ensure that any decisions or positions taken out of the office were in keeping with home organisational policy. When Skype could no longer be used, employees developed their own workaround. This, in effect, consisted of making sure that the organisation’s information could be accessed externally. Staff established their own personal e-mail accounts in the cloud, for instance setting up hotmail or gmail accounts. Then before travelling, they would e-mail themselves copious quantities of documents to make sure they could have them to hand if needed. This was in addition to using portable memory devices such as USB sticks, as people had found from experience that these small devices could easily be lost or left in someone else’s computer. All in all, it was no understatement to say that the organisation’s most important information resources were exposed to significant risks, largely due to insufficient attention being paid to understanding how information technology could be used to support work practices.

The regional technological infrastructure plays such a key role in shaping and influencing information management practices. It must be taken into account when developing policies, and that involves keeping up to date with the latest social networking tools and finding out how they are used within organisations. It is in many ways much easier to take a draconian approach to limiting the use of such tools, or banning the use of portable memory sticks, but the end result of such actions is highly unlikely to be beneficial to organisational information management.

Overview of the regulatory environment

As I have already noted, organisations do not exist in isolation. They are a microcosm of the environment in which they are situated, and will reflect the standards and norms of that environment, as embodied by the broader legislative framework. The functions of the organisation are a key factor in determining which legislation is applicable. For instance, information management in a hospital setting will be subject to rules and regulations regarding the prescription of drugs, the confidentiality of details relating to a patient’s disease and its treatment, and the need for informed consent. Whether an organisation is in the private or public sector is also significant, as different legislation is likely to apply.

The type of legislation will vary according to the political structure of the country concerned, and any regional alliances. So, for countries such as Germany, Australia and the United States, which have a federal structure, there may be legislation at both state and national level. Membership of the country in international alliances such as the European Union will also have implications for legislation, introducing another layer of complexity.

It is also important to acknowledge the existence of standards which establish codes for best practice. Standards may be applicable internationally, nationally or be industry or sector specific. The best known standards are likely to be those that are international developed by the International Organisation for Standardisation (ISO). ISO is a nongovernmental organisation made up of a network of 145 national standards bodies. It promotes the development of standards in order to facilitate the international exchange of goods and services, and develop international collaborative activity. Standards are used internationally in order to:

 make the development, manufacturing and supply of products and services more efficient, safer and cleaner;

 facilitate trade between countries and make it fairer;

 provide governments with a technical base for health, safety and environmental legislation, and conformity assessment;

 share technological advances and good management practice;

 disseminate innovation;

 safeguard consumers, and users in general, of products and services;

 make life simpler by providing solutions to common problems.

(International Organisation for Standardisation, 2010)

An ISO standard is the result of negotiation and agreement between national member bodies. The ISO website sets out the procedure for drafting and creating a standard. Development work is carried out by Technical Committees (TC) and their related Sub-Committees (SC), and is usually a six-stage process.

As I pointed out in Chapter 2, standards are increasingly becoming an important feature influencing information management, particularly in records management and electronic recordkeeping systems. Standards may also, of course, be applicable to the functions of the organisation, so it is essential that these are identified and any implications for information management taken into account when developing programmes and services.

The same comment also applies to legislation, of course. In this chapter I will focus on the features that are particularly important to information management across a wide range of sectors. Information managers will most definitely also need to ensure they are cognisant of the legislation that is applicable to the functions of their organisations, and be aware of any ramifications for their responsibilities. But that is beyond the scope of this book, so the remainder of this chapter will focus only on those areas which will have wide applicability for organisations in different sectors.

Privacy

Privacy requirements relate to the need to protect personal information about oneself or about other people. The extent to which privacy is protected by legislation varies from country to country. Similarly, the extent to which relevant laws or standards are recognised and adhered to by individuals will also vary greatly according to country.

When organisations operated on a very localised basis, simply becoming aware of the norms of that particular jurisdiction and then making sure that they were followed could be the primary concern for information managers. However, given the cross-border and global reach of today’s information systems, the glorious complexity of the ranges of attitudes towards privacy, and corresponding variations in legislation, are very relevant to the work of information managers.

In fact, these variations in attitude are also apparent beyond formal organisational e-commerce systems, and are impacting on social networking spaces. The availability of personal information on Facebook and YouTube has prompted legal action from countries where there is a greater sensitivity to the need to protect personal information from exposure unauthorised by the person involved.2

The legislation

There are countries with no formal privacy legislation or rules for the protection of personal information at all, such as Argentina, Thailand and Malaysia (Milberg et al., 2000). But even restricting our overview to those with privacy regulation, there is still a considerable diversity of models in place. The variation in legislation relating to the protection of personal information has been represented as a continuum of regulation. At one end of this continuum is the laissez faire of non-governmental intervention, at the other extreme is high governmental involvement and control (Milberg et al., 1995).

Sandra Milberg and colleagues identified five models of regulation along their continuum:

 Self-help model. As its name suggests, this model is the one with least involvement of government. Here, the onus is on the affected individual to protest any breach of rights, for example unauthorised use of personal details about them. Furthermore, the individual will have to bear any legal costs associated with upholding their rights. This model is said to be associated with France.

 Voluntary control model. In this model, the emphasis is on self-regulation by organisation, in accordance with legislation. A person is designated as the responsible officer within the organisation, to ensure compliance. The voluntary control model is in place in the United States and in Japan.

 Data Commissioner model. This is the half-way point on the regulation continuum. In this model, the regulation of privacy concerns is the responsibility of a government appointee similar to an ombudsman. This is the system that is in place in New Zealand, as well as in Australia and Canada. The work of New Zealand’s privacy commissioner includes education and training, investigating complaints as well as monitoring uses of technology and reviewing new legislation for implications for privacy (Privacy Commissioner, 2010).

 Registration model. This is similar in intent to the licensing model (see below) in that a government body is set up for regulatory purposes, but actions are remedial rather than preventative. This is the model that is in place in the United Kingdom and Denmark.

 Licensing model. This is the strictest model and allows for full government regulation and intervention in order to protect personal information. This is the model that is in place in Germany.

Germany has a long history in terms of privacy legislation. The very first legislation relating to data protection was introduced in 1970, in the then West German state of Hesse. Some commentators have speculated as to whether attitudes to privacy can be associated with national cultural characteristics, in particular correlations between the power distance and individualist/collectivist dimensions (Walczuch et al., 1995). However, this high regard for the need to protect and guard access to personal information has also been associated with Germany’s totalitarian past. In other words, memories of how personal information was used by the National Socialist regime for power and control made people in the former West Germany very cautious of, and aware of the possibilities for, misuse (Walczuch et al., 1995).

These attitudes can only have been reinforced subsequently by disclosures of the extent to which the State Security Service of the former East Germany (Staatssicherheitsdienst or Stasi) gathered information about citizens for the purpose of control. Targets for information gathering ranged from high-profile public figures in both the former East and West Germany to ordinary citizens. The scale of operations was such that, for the population of about 16.4 million individuals, there was one official employee per 180 citizens, plus over half a million ‘unofficial employees’ registered between 1949 and 1989 (BSTU, 2010). The dimensions of the type of information gathered went far beyond the sorts of data we may normally think about in terms of privacy and personal information, including attempts to capture people’s individual scents:

Mostly, smell samples were collected surreptitiously. The Stasi might break into someone’s apartment and take a piece of clothing worn close to the skin, often underwear. Alternatively, a ‘suspect’ would be brought in under some pretext for questioning, and the vinyl seat he or she had sat on would be wiped afterward with a cloth. The pieces of stolen clothing, or the cloth, would then be placed in a sealed jar. (Funder, 2002: 8)

The German situation may be common to other totalitarian regimes, but it is particularly interesting because of developments after the breakup of the Soviet Union and the fall of the Berlin Wall. When it became clear that change to the ruling structure was imminent, the East German authorities attempted to dispose of the records relating to their surveillance operations. Masses of files survived intact, and after the reunification of Germany legislation was passed to enable access to these records, primarily for the purposes of Aufklaerung, personal clarification of the secret power that had controlled peoples’ lives. Even those files that were destroyed by shredding are being re-assembled. Initially that was being done manually by a team of people – painstaking and laborious work indeed. Subsequently, however, technology has come to the aid and software has been developed to automate this process. In all, the resources directed to this activity are huge, and reflect the importance of this discovery process accorded by the German government.

However, this operation has prompted intense debate in Germany. The need to vindicate the personal rights of those people who were targeted for investigation cannot be done without disclosing the names of Stasi agents and informers and therefore infringing their rights to privacy. The scale of the surveillance activity undertaken by the Stasi was immense, with files accumulated on over six million people. That, of course, entailed a correspondingly large number of people tasked with gathering information. The procedures now for providing access to these files appear to have been developed in order to try to protect the identity of those informers, as the names of any other individuals mentioned are obliterated.3

Also keeping this debate alive in Germany is the reluctance by some high-profile members of the population to authorise disclosure to ‘their’ files. These include former ruling politicians such as the West German Chancellor Helmut Kohl. The controversy will undoubtedly continue, and similar situations are being enacted elsewhere in Eastern Europe where personal information was collected by the state for the purposes of power and control over citizens.4

People’s attitudes to privacy

So history, politics and culture are all likely to be significant factors which influence people’s attitudes to the importance of protecting information about themselves. In countries where there is less awareness of the potential for the use of personal information for power and control, even if relevant legislation exists, it may not be regarded as particularly important. In Hong Kong, for instance, before the return of this former British colony to China, a number of changes to legislation were introduced. (Negotiations preceding handover resulted in the agreement that the laws already in force in Hong Kong would be maintained so long as they did not contravene China’s Basic Law (Conner, 1997: 94).) Among these new laws was one relating to privacy, the Personal Data (Privacy) Ordinance, which was based on British legislation. A brief overview of the objectives of this personal data ordinance at the time of its enactment (Lau, 2000), is noteworthy as it emphasises the contribution of the ordinance to Hong Kong’s economic well being. It stresses that the introduction of this legislation will ensure that trade restrictions will not be imposed on Hong Kong by countries that do have data protection laws. In other words, the motivator for the legislation appears to be economic rather than the recognition of the need to protect the rights of individuals to restrict access to information about themselves.

A lack of recognition of the consequences for misuse of personal information can certainly be observed in the workplace, as I found in my study of information management in a Hong Kong university. Here, a data protection officer had been appointed in accordance with the recently enacted ordinance. The functions of this officer appeared to have been viewed by staff as rather tedious, but there was no suggestion that compliance would not be forthcoming. In this instance, then, very clear and explicit guidance and procedures would have to be provided as to what the requirements to protect personal information were, and there should not be any expectation that employees would necessarily understand why those requirements were being implemented.

By way of contrast, in the Australian university I studied there was certainly general awareness amongst staff of the need to protect and maintain confidentiality of the records relating to students. However, at the time of my visit the staff I interviewed could not actually find the university’s policy and guidelines relating to privacy, but were confident that one did exist as privacy was such an important concern. So their default position, in the absence of specific guidelines, was to make sure that these records were kept securely and protected from unauthorised access.

Freedom of information

Freedom of information refers to the rules that guarantee access by citizens to the information held by governments. Once again, there are a wide range of different attitudes towards freedom of information, which can have the end effect of not actually realising the intent of legislation. This is a very important feature to be aware of for information managers working in organisations such as government departments and local authorities that are subject to freedom of information laws.

A characteristic I noted in the previous chapter in connection with low power distance was ‘openness with information’. The implication of this is that in countries where Hofstede found a low ranking on the power distance dimension, there is a likelihood that people will be more predisposed to sharing information rather than keeping it secret. However, this does not seem to fit with the picture of attitudes to freedom of information legislation in Britain.

Britain is one of the last Western democracies to implement freedom of information legislation. This reluctance to legislate in favour of open government has also been noted in countries that were former British colonies. Hong Kong, for instance, still does not have any freedom of information legislation.

As noted above, a number of laws relating to information management were introduced in Hong Kong just prior to handover of the territory to the People’s Republic of China. Freedom of information, however, was not addressed. In fact, Britain played a key role in preventing its introduction.

In Jonathan Dimbleby’s account of the handover period in Hong Kong, specific mention is made of the Governor (Chris Patten) blocking attempts to introduce freedom of information legislation in Hong Kong, although reasons for this are not specified (Dimbleby, 1998: 251).

British archival academics Andrew Flinn and Harriet Jones have compiled a provocative collection of papers which explores whether a legislative mandate to access information has a negative impact on those creating records (Flinn & Jones, 2009). In other words, does the knowledge that their actions will be subject to public scrutiny inhibit public servants from formally recording discussion, debate and decisions. Sadly, there appears to be some evidence for this view from commentators around the world (Hannant, 2009; Schewe, 2009) notably including Sweden, which has a long and distinguished tradition of allowing public access to official information dating back to the eighteenth century (Östber & Eriksson, 2009). The Dutch contributor to this volume rejects this pessimistic view, however, and points to the introduction of desktop computing as the more significant factor causing ‘empty archives’ (De Graaff, 2009).

The situation in Britain now, as regards freedom of information from an information management perspective, is very intriguing. When the legislation was finally enacted, it was accompanied by a code of practice relating to records management. The code has the very best of intentions and certainly emphasises the need for effective records management if the aims of freedom of information legislation are to be realised:

Any freedom of information legislation is only as good as the quality of the records to which it provides access. Such rights are of little use if reliable records are not created in the first place, if they cannot be found when needed or if the arrangements for their eventual archiving or destruction are inadequate. Consequently, all public authorities are strongly encouraged to pay heed to the guidance in the Code. (Lord Chancellors Code of Practice on the Management of Records, 2002)

By accompanying the legislation with clear guidance as to the essential information management infrastructure required, it could be assumed that Britain would avoid the situation in New Zealand mentioned in the previous chapter. New Zealand can be regarded as an early adopter of freedom of information among Anglophone countries as this legislation was introduced in 1982, replacing the existing Official Secrets Act. However, there was minimal recognition of the need for records management services in order to effectively respond to requests for official information. On the contrary, this period of time can be characterised as a time of crisis for records management, as registries were dispersed and records management positions lost in so many government departments (Oliver & Kurmo, 2010).

However, the situation in Britain today indicates that even if there had been high-level recognition of the need for records management to support freedom of information requirements, it still might not have had the desired result. Elizabeth Shepherd and colleagues have conducted research exploring the impact of freedom of information legislation in local authorities in Britain. They conclude that, despite the rhetoric, records management still may not be regarded as particularly important in these organisations:

… whilst superficially FOI seems to have facilitated a change in the perception of records management, how deep the culture change has actually been and how far it has penetrated organisations beyond the front-end customer interface can be questioned. (Shepherd et al., 2009:238–239)

I cannot escape from the view that even though legislation might be in place, even though explicit codes of practice might be issued, people’s attitudes and values to information will still be instrumental in influencing successful information management. It is of enormous importance for records managers in particular to recognise this, and not to assume that the intent and purpose of freedom of information legislation will be upheld if appropriate policy is developed. On the contrary, if there is a fundamental resistance to freedom of information ideals and aspirations, there may well be disastrous consequences for organisational and even national memories. Much more research is needed to answer the ‘empty archives’ question posed by Flinn and Jones. In the meantime, however, awareness of this potential problem area will assist information managers to be particularly vigilant and emphasise the importance of creating and maintaining full and accurate records.

Another feature worthy of consideration is maintaining an openness as regards the format and media of those records. If, as Bob De Graaff suggests, technology is a prime influencing factor, perhaps records managers should be considering alternative ways in which records should be created, such as audio and video recordings. This of course would in turn present many challenges in terms of managing this information so that it was retrievable and could be stored for long periods of time. The consequences of continuing with current practice, regardless of whether or not desired outcomes are achieved, does not seem to be an acceptable option.

Copyright

Copyright legislation can be defined as the rights of ownership accorded to authors and creators of information. These rights govern the extent to which copying and distribution of information can take place. The protection of copyright lasts for a certain period of time, after which the information object passes into the public domain. The period of time varies from country to country, as does the starting point for the applicability of relevant legislation, and the range of formats that it is applied to.

The digital environment has vastly complicated requirements relating to copyright as reproduction, copying, extracting portions of a work to incorporate into new work become easier and easier. Mash-ups, the compilation of bits and pieces of different information types (such as sound, image, graphics as well as text) to make a new digital information resource does not require expensive equipment or even necessarily specialist expertise. The potential therefore for copying and profiting from someone else’s original work without acknowledgement is indeed great.

This situation creates obligations for information managers to ensure that organisational resources are used appropriately. The first step of course is to make sure that you are familiar with requirements in order to provide appropriate guidance. This is no small task, as copyright more than any other area of legislation impacting on information management seems to be beset by myths and legends rather than a clear grasp of facts. This reflects the complexity of the environment and the high profile accorded to breaches of copyright in some countries.

Once again, cultural considerations are likely to result in different attitudes towards the ownership of information. Tim Padfield, a British copyright expert specialising in matters relating to unpublished materials, identifies two distinct approaches to copyright legislation. On the one hand is the British approach, also exported to the USA and commonwealth countries, which regards copyright as an economic property right. On the other hand, most other European countries take an approach which emphasises the protection of the author’s personality, as expressed in the work (Padfield, 2010). Harmonisation of British copyright law with European Union legislation has taken place to ensure consistency of approach. However, given the quite different philosophical perspectives as regards the motivation for protection, it seems that people’s instinctual knowledge as to what copying behaviours are permitted is likely to vary considerably according to country.

Furthermore, Padfield notes that despite the existence of international conventions (such as that administered by the United Nations World Intellectual Property Organisation) and the European directives, there are not only still considerable variations in legislative requirements within Europe, but also far more variations in countries outside Europe. He points in particular to variations in the definition of the copyright owner, which means that ‘quite different people qualify as owners of copyright in the same work in different countries’ (Padfield, 2010: 12).

All this adds up to the need to be aware that common understanding of copyright regulations, the motivation for copyright protection and the extent to which restrictions apply will vary widely among staff in organisations. Copyright infringements in the workplace therefore cannot be assumed to be of malicious intent, especially if there is not a high degree of public awareness of the need to protect the rights of information owners and when adequate guidance has not been provided by information managers.

Further complicating factors are the steps taken by copyright owners to protect their property, in the form of digital rights management. Digital rights management is the implementation of controls to guard against unauthorised use or copying. This technology may hamper preservation efforts if it is attempted, for instance, to migrate content to a more stable or long-lasting format. For instance, a library cannot assume ownership of the content of digital media as it may not be accessible in the future because of technological obsolescence.

It is not only essential, therefore, to become familiar with copyright regulations which exist in your jurisdiction, but also to maintain awareness of international developments. These may well influence the long-term availability of digital information resources that you may regard as being owned by your organisation, but which in fact may only be temporarily accessible. The debate surrounding the ownership of information will be ongoing, and solutions that emerge are unlikely to be universally applicable.

Conclusion

This chapter has been very wide ranging, covering what I have termed the structural environment in which organisations operate. The characteristics of the languages that are used, whether information needs to be made available in more than one language, and preferences for low or high context communication will all impact on information management. The technological capabilities and capacity of the region in which the organisation is situated and does business with have to be taken into account when developing information management policies and procedures within the organisation. Finally, the features of the regulatory environment, and whether staff are aware of their obligations let alone willing to follow them are essential characteristics which frame and shape organisational cultures. The following chapter moves on to consider the next layer of the organisational culture onion: occupational culture.

References

Alas, R., Ennulo, J., Tuernpuu, L. Managerial values in the institutional context. Journal of Business Ethics. 2006; 65:269–278.

The Ministry for State Security (MfS) – Summary. 2010. (accessed 1 Sept 2010). http://www.bstu.bund.de/cln_012/nn_710358/EN/Ministry__for__State__Security/ministryforstate__security__node.html__nnn=true

Conner, A.W. Legal institutions in transitional Hong Kong. In: Chan M.K., ed. The Challenges of Hong Kong’s Reintegration with China. Hong Kong: Hong Kong University Press; 1997:85–111.

De Graaff, B., The Access to Information Shuffle: Historical Researchers Versus the Government in the NetherlandsFlinn, A., Jones, H., eds. Freedom of Information. Routledge, London, 2009:77–89. [Open Access, Empty Archives?].

Dimbleby, J. The Last Governor: Chris Patten and the handover of Hong Kong, 2nd ed. London: Little, Brown; 1998.

European Archival Information Online, Legal framework for the administration and management of records and archives from. 2009. http://euronomos.euronomos.org/nuxeo/nxdoc/default/5ab772fe-6be4-4fc2-b730.-b877cfe51bdc/view_documents?tabld=&conversationld=0NXMAIN2&conversationIsLongRunning=true

Freedom of Information Open Access, Empty Archives?. Flinn, A., Jones, H. Routledge, London, 2009.

Funder, A. Stasiland. Melbourne: Text Publishing; 2002.

Geert Hofstede Cultural Dimensions. From http://www.geert-hofstede.com/hofstede_dimensions.php.

Hannant, L., Access to information and historical research: The Canadian experience Open Access, Empty Archives?Flinn A., Jones H., eds. Freedom of Information. Routledge: London, 2009; 125–139.

Hyder, A., Abraha, D. Institutional factors and strategic alliances in Eastern and Central Europe. Baltic Journal of Management. 2008; 3(3):289–308.

. What Standards Do, 2010. http://www.iso.org/iso/about/discover-iso_what-standards-do.htm

Ji, L.-J., Tuo, T., Zhang, Z., Messervey, D. Looking into the past: Cultural differences in perception and representation of past information. Journal of Personality & Social Psychology. 2009; 96:761–769.

Konsa, K., Reimo, T. Preservation priorities: Red Book of Estonian Publications, 1535–1850. International Journal of the Book. 2009; 6(1):11–16.

Lau, S., The Hong Kong personal data (privacy) ordinance. Paper presented at the Proceedings of the tenth conference on computers, freedom and privacy: challenging the assumptions, Toronto, Ontario, 2000.

Lord Chancellor’s Code of Practice on the Management of Records. 2002. http://www.foi.gov.uk/reference/imprep/codemanrec.htm

Milberg, S.J., Burke, S.J., Smith, J., Kallman, E.A. Values, personal information privacy, and regulatory approaches. Communications of the ACM. 1995; 38(12):65–74.

Milberg, Sandra J., Jeff Smith, H., Burke, Sandra J. Information privacy. Corporate management and National regulation Organization Science. 2000; 11(1):35–57.

Ministry of Culture, Estonian Cultural Strategy 2008–2011. 2008. www.kul.ee/webeditor/files/strategy_2008-2011.pdf

Oliver, G., Kurmo, K., Dismantling bureaucracies and technological change: impacts on recordkeeping and the influence of organizational culture. Paper presented at I-CHORA 5, London, 1–3 July, 2010.

Östber, K., Eriksson, F. The problematic freedom of information principle: The swedish experience. In: Flinn A., Jones H., eds. Freedom of Information. London: Routledge; 2009:113–124. [Open Access, Empty Archives?].

Padfield, Tim. Copyright for Archivists and Records Managers, 4th edn. London: Facet; 2010.

Commissioner, Privacy, What we do from. 2010. http://www.privacy.org.nz/what-we-do/

Rannut, M., Language policy in Estonia. Noves SL: Journal on Sociolinguistics. 2004. http://www6.gencat.net/llengcat/noves/hm04primavera-estiu/docs/rannut.pdf

Raun, T.U. Estonia and the Estonians, 2nd updated edn. Stanford, CA: Hoover Institution Press; 2001.

Runnel, P., Pruulmann-Vengerfeldt, P., Reinsalu, K. The Estonian tiger leap from post-communism to the information society: from policy to practice. Journal of Baltic Studies. 2009; 40(1):29–51.

Schewe, D.B., Access to information: Promise versus practice in the USAFlinn, A., Jones, H., eds. Freedom of Information. Routledge, London, 2009:90–101. [Open Access, Empty Archives?].

Shepherd, E., et al. The impact of freedom of information on records management & record use in local government: A literature review. Journal of the Society of Archivists. 2009; 30(2):227–248.

Seadus, Suneksemplari Electrooniline Riigi Teataja from. 2009. http://www.riigiteataja.ee/ert/act.jsp?id=968385

Walczuch, R.M., Singh, S.K., Palmer, T.S. An analysis of the cultural motivations for transborder data flow legislation. Information Technology and People. 1995; 8(2):37–57.


1.Ministry of Government Administration, Reform and Church Affairs: http://www.regjeringen.no/eny/dep/fad/press-centre/press-releases/2009/new-obligatory-it-standards-for-the-stat.html? id = 570650.

2.See, for example, discussion following the announcement of an European Union investigation of the impact of tagging on privacy: http://www.law.georgetown.edu/cleblog/post.cfm/european-privacy-regulators-investigate-tagging-features-of-facebook-and-google.

3.Procedures are set out on the website of the government agency established to provide access to the files of the state security service of the former German Democratic Republic: http://www.bstu.bund.de/cln__012/nn__1138150/EN/Inspection__of__files__and__examinations/Private__individuals/private__individuals__node.html__nnn=trueLdoc1138148bodyText6.

4.See, for example, the website of the Rumanian National Council for the Study of Securitate Archives: http://www.cnsas.ro/engleza/mission.html