My first home/life insurance agent was an Allstate rep named Paul.

Paul had a heavy body contoured from years of deskwork.  He had a deep, rich voice and,true to his profession, Paul had a tendency to see the risk inherent in everything.   I once told him approvingly about the wide, stone stairs to our house that I had retiled and Paul said, “that’s all well and good until you fall on those hard tiles and break your knee into 300 pieces…”  Paul was an oddity in this world.  He saw risk first…

Generally speaking human beings consider possibility first and risk second… As a consequence we design for possibility and then retrofit for risk (if we are lucky).   Air travel is a good example; we built for the possibility of convenient, no-hassle travel.  This was designed into the architecture of our airports.  September 11 changed our relationship to travel by exposing some serious risk and we began the hard work of retrofitting.

Drew Bartkiewicz of The Hartford has been considering data security and privacy in the age of social networks; an age marked by the explosion of personally identifiable information (PII) uploaded by users on blogs, video sites, social networks etc.    Having customers help you build unique data sets is a core proposition behind Web 2.0 (see here) Companies that want to engage the social web should absolutely design for possibility – but it is important to acknowledge risk and be clear about the types of data you are collecting and how you plan to use it.  What’s more, companies should understand that they might have secondary liabilities (meaning, are you responsible for what someone else will do with the data that you have made available).  To wit; eBay’s multiple law suits.

Drew sums up much of his thinking when he says, “Credit is to the financial markets what privacy and trust are to Web 2.0″ (you can’t have one without the other).  Fittingly, we spoke in New York City the morning after Lehman Brothers went under.