I've been watching a presentation by Zed Shaw (one of the pre-eminent software developers in the Ruby on Rails arena).
Ostensibly, it's a presentation about implementing ACLs within a corporate environment (think File Permissions and Document Management Systems), though in reality it's about the relationships between managers and developers. There are some very sharp insights,
check it out:
ACL is DEAD