For better or for worse: Why your brand reputation is hitched to your ability to manage and protect data
The potential benefits of technology to change and improve lives are clear for all to see. At an individual level, wearable devices can help better manage health, home sensors can reduce your energy use and costs, and analytics can hone services to meet your every need. At an organisational level, digital transformation can not only boost efficiency and productivity, but it can change the way that whole industries operate and allow organisations (including governments) to deliver new kinds of services for citizens and consumers.
Organisations, however, need to be conscious of the kind of impact they (and their use of technology) are having on all aspects of society. This can include public concerns about the environmental impact of energy use, the societal impact of jobs lost to automation, the economic impact of online retail over bricks and mortar, and even the personal impact of indiscriminate data collection and mismanagement.
Many organisations employ corporate social responsibility (CSR) programs in order to benefit society while also seeking to boost their own brands. By embarking on philanthropy or volunteering they are not only able to promote worthy agendas or causes, but are also able to gain positive brand association.
In recent years the main issues that CSR programs have focused on are issues such as climate change and diversity, but a new issue has emerged in recent months that has eclipsed all others in the minds of consumers … privacy. For software and technology companies, the link between data privacy and corporate responsibility is relatively straightforward. Even in non-tech industries, however, privacy has become a major issue.
No matter what industry you work in, more products are becoming connected. Mattel released a Wi-Fi-connected Hello Barbie in 2015 and researchers promptly uncovered several vulnerabilities that showed it could be hacked into a secret listening device. At the same time companies from all industries process and store both customer and employee data that must be kept secure. Not only have customer data breaches grabbed headlines, but regulations now mandate prompt disclosure of data protection failures and companies can be liable for massive fines – or even worse, they can be told that they are no longer allowed to process customer data. On top of this, the reputational damage of such an incident can be monumental.
For the very first time, industry analyst firm Gartner has listed digital ethics and data privacy as one of the top 10 tech trends for the year ahead. On top of this, research by FleishmanHillardFishburn has shown that the issues that consumers currently care most about are data security and privacy. It is these issues that consumers now want brands to be talking about, rather than their diversity or sustainability efforts.
For better or for worse…?
So how open should brands be about their CSR efforts in the good times – explaining their support for digital ethics and data privacy when things are going well – at the risk of a backlash in the bad times – when they invoke crisis management plans in the event of a data breach?
As Nick Andrews, senior partner for EMEA reputation lead commented in the FleishmanHillardFishburn report: “In an increasingly hashtag driven world, though, do you support the movement and risk a backlash, or stay quiet and disappoint? Only companies with a clear sense of purpose, who use this as a yardstick against which to measure their actions, will demonstrate the consistency and clarity of view which people expect. For those that do, the rewards will be great.”
There are essentially three possible courses of action with organisations falling into one of the three following groups:
Group 1: Business as usual, with no real emphasis on digital ethics and data privacy: 80% of UK consumers surveyed by FleishmanHillardFishburn have stopped using the products and services of a company because the company’s response to an issue does not support their personal views.
With digital ethics and data privacy topping the list of issues that consumers currently care most about, your brand is going to be at a competitive disadvantage to your Group 2 rivals that advocate strong support for digital ethics. And without making data privacy and security a strategic priority, you’re going to be more likely than Group 3 rivals to suffer a data breach and be impacted by the consequent reputational damage.
Group 2: Strong support for digital ethics and data privacy, without any real cultural change: If you aren’t genuinely committed to privacy, you’re going to be more likely than Group 3 rivals to suffer a data breach and be impacted by the consequent reputational damage. In addition, the reputational damage will be amplified as your claims of strong support for digital ethics and data privacy will be shown to have been inauthentic, and you risk being accused of ‘greenwashing’ or ‘astroturfing’.
Group 3: Wholehearted adoption of digital ethics and data privacy as a strategic priority: There are expectation among consumers that companies will take these issues seriously and enact robust data privacy measures above and beyond the legal requirements. Realising this Group3 firms will see it as an imperative to act now and maintain strong leadership in this field, or else risk the consequences of consumer discontent. Only if digital ethics and data privacy are made a strategic priority that leads to true cultural change throughout the company will this be possible.
Let’s not forget that GDPR affects any organisation handling the personal data of EU citizens no matter where company is located, meaning that even U.S. companies which process the personal data of individuals residing in the EU have to comply. And if regulatory compliance with the threat of massive fines were not motive enough, the fact that privacy is now the number one issue for customers across all sectors means that not aiming to be in Group 3 here is sheer folly.
Interested in hearing industry leaders discuss subjects like this and sharing their experiences and use-cases? Attend the Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam to learn more.