1988 reconstruction

Seventy years since the first software program ran

Today is the 70th anniversary of the first successful execution of the world’s first software program which I wrote about on this blog on the occasion of the 65th anniversary, which was also commemorated with a specially commissioned video on Google’s official blog. The Manchester Small-Scale Experimental Machine (SSEM), nicknamed Baby, was the world’s first stored-program computer i.e. the first computer that you could program for different tasks without rewiring or physical reconfiguration. The Baby was designed by Frederic C. Williams, Tom Kilburn and my father Geoff Tootill, and ran its first program on 21st June 1948.

It is the first anniversary of the Baby which my father hasn’t celebrated, as he passed away last October at the grand old age of 95. His contribution to the development of the modern day computer was recognised with obituaries in the Daily Telegraph, Guardian and the Times – the last of these was the most detailed and is reproduced here by kind permission of The Times. It reminds me of how gratified my father was to successfully debug a program that Alan Turing gave him to run on the Baby in the autumn of 1948! Apart from the Baby, Geoff Tootill worked on many, very varied scientific developments, including airborne radar during the Second World War, the first commercial computer at Ferranti, satellite communications, packet switching networks which foreshadowed the web, air traffic control and collision avoidance at sea. His final computing legacy was the phonetic algorithm that we use today in matchIT.

I’m in Manchester where there is a working replica of the Baby on display at the Museum of Science and Industry – my brother Peter will be handing over a test device that our father used when building the Baby, to be exhibited alongside the replica. Volunteers from the Computer Conservation Society are rerunning the first program. It will be great to catch up with Chris Burton who led the team that built the reconstruction of the Baby for the 50th anniversary in 1998 and to meet again Professor Dai Edwards who worked with my father in 1948. There are very few of the pioneers left now from those early days, so it is wonderful that the Computer Conservation Society has kept alive their legacy by lovingly reconstructing the machines that they built, including the Colossus at Bletchley Park. We owe them a heartfelt “Thank you!”

gdpr next steps

GDPR is live, what’s next?

In the run-up to May 25th, it seems to me that most companies focused all their efforts on ensuring GDPR compliance on the consent and contracts fronts. Assuming these are now sorted, you now need to make sure that the personal data that you hold about your customers and prospects, is accurate and up to date. After all, although the Information Commissioner’s Office doesn’t expect everyone to be perfect by now, they have stressed the importance of demonstrating continuing efforts to achieve full compliance. As Richard Sisson, senior policy officer at the ICO says: “You can’t forget about GDPR and it’s done. It’s an ongoing thing.”

He expanded on this by saying “We are trying to reassure people that if you are trying to do the work that you can to comply, if you are working towards the accountability principle and ensuring you have records of what you’re doing, and you can show that you are working towards compliance – we may not be entirely happy all the time, but we will take those things into consideration. We understand that. We’re not going to be issuing huge fines on 25th May.”

But if you aren’t sure how accurate and up to date your data is, it won’t be! And you need to start doing something about it now. As the Chair of the EU Article 29 Working Party Isabelle Falque-Pierrotin said, “This is a learning curve and we will take into account, of course, that this is a learning curve… but it’s important that you start today, not tomorrow. Today.”

There are two key things that you need to focus on to start with:

  • Making sure that you only communicate with your customers using accurate and up-to-date data. This will minimise the numbers that are prompted to contact you to question what data you have on them and maybe lodge a Subject Access Request.
  • Being able to respond promptly and fully to Subject Access and erasure requests (Right To Be Forgotten).

An accurate and current Single Customer View is essential to have full confidence that you’re meeting your data compliance obligations – but this can involve not only implementing suitable software to create and maintain this Single Customer View, but also admin work in human review of “grey area” matches – records that might be for the same person but are sufficiently different to need someone to check and maybe dig deeper.

So how do you reduce the chances of data inaccuracies being drawn to the attention of your customers, while showing solid steps taken and scheduled if someone lodges a complaint with the ICO?

  1. Consider a comprehensive, effective audit of your personal data, checking for duplication, out-of-date and incorrect addresses, people who have moved or died, phone numbers on the Telephone Preference Service etc.
  2. Make sure that data for any mass campaign or mailing that you undertake is run through an effective data cleansing solution to fix any problems before it is sent to print or the telemarketing agency.
  3. Take steps to implement a Single Customer View. The best matching software such as matchIT Data Quality Solutions will intelligently grade matches so that the vast majority can be automatically processed: combining duplicate records and linking matching records etc. Then the chances of your customers being aware of a problem are greatly reduced.
  4. While your admin team is reviewing those that got low matching scores to make manual decisions or before you’ve even done the automatic processing, matchIT Web provides a real-time Single Customer View that interrogates all your databases as part of your inquiry function: this allows your users to see all potential matches on the screen when a customer calls in. It also enables a quick effective way of handling Subject Access Requests and the Right To Be Forgotten.

One more thing to keep in mind of course, is that you need to make sure that your customer data is kept secure at all times while you’re on your journey towards GDPR data compliance. Maybe I should add a 5th item to those above: make sure you’ve got a plan for if the worst happens and you have to notify the ICO of a data breach… which could in turn require notifying all your customers. The sooner you have that accurate Single Customer View in place, integrated into the security of your database, the sooner you can be confident that you’re doing everything you can to minimise the chances of a breach – and the easier it will be to notify your customers should one happen.