Let’s start the conversation on Corporate Digital Responsibility

It was fantastic to be part of the CIPR – Chartered Institute of Public Relations national conference today where we hosted a session on ‘Corporate Digital Responsibility (CDR) – What You Need To Know Right Now’. Chaired by Allegory’s Associate Director Iain Aitch, our panel included: Allegory CEO Charlotte McLeod; Anne Gregory, Professor Emeritus in Corporate Communication at The University of Huddersfield; and Rob Price, Director at Alchemmy and founder of corporatedigitalresponsibility.co.uk

Allegory is a strategic communication agency that helps organisations lead the conversation on technology. That includes us, too. For the past ten years, we’ve been working with one of our clients, the Open Data Institute (ODI) co-founded by Sir Tim Berners-Lee, inventor of the World Wide Web. Just last week, Tim and I were chatting about how much the world has changed in the last decade, and now Allegory wants to help fellow communicators be a driving force for good in the emerging CDR field. 

Communicators should be proactively helping organisations to identify, address and prepare for the challenges, risks and opportunities – both existing and emerging – in the digital world. We know that when a data-related crisis reaches the public’s awareness, or that of any external stakeholder, it will fall to us to deal with. This means that communicators being ‘front-footed’ on CDR is in everyone’s best interests.

The panel first worked together on the subject of CDR back in April, when Allegory convened a roundtable discussion that led to the publication of our report on the subject – available to download here

Allegory saw a gap in available resources for communications professionals, which is why we created a six-stage practical framework (below) that helps communicators get CEOs and boards talking about CDR, and taking steps to address both the opportunities and risks inherent in CDR.

It is quite likely that your CEO or board may never have heard of the term Corporate Digital Responsibility, though once put to them, it has a ‘Ronseal’ appeal. We’ve reached a tipping point in history, where every business – regardless of size, service, or sector – is a data organisation, so they simply can’t ignore it. CEOs may naturally want to confine CDR to being an issue for the IT department to manage (perhaps because of their own low level of interest in data and digital), but data is always about people, and the CEO is ultimately accountable for responsible business practice.

If your organisation gets CDR right, it can help you to generate funding and retain investment. It can help attract and retain the best people, as well as maintaining and building your own reputation. That’s money, people, and reputation all at stake. 

One of the best ways to start a conversation with your CEO is to use the existing language that boards know. The CEO might say to you: “Where does CDR fit in, it feels like it is the G bit of ESG*?”. Actually, CDR sits across all three areas of ESG. It is like the nervous system of the body of an organisation and affects every person and team within it. In that way, it is a bit like the EDI** agenda. If you can get the CEO’s buy-in, it will trickle down and permeate the organisation. If it’s just stuck within the IT department, then it won’t get the level of board understanding needed. When things go wrong, it will ultimately land back on the communicators’ laps to sort out the mess.

* ESG (Environmental, Social and Governance) represents a more stakeholder-centric approach to doing business. ** EDI (Equality, Diversity and Inclusion) ensures fair treatment and opportunity for all, by eradicating prejudice and discrimination on the basis of an individual or group of individual’s protected characteristics.

The good news is that the only way to get CDR wrong, is to do nothing. It’s an emerging issue and everyone is in the ‘Discovery phase’ for now. The next bit of good news for boards is that they shouldn’t be expected to have all the skills needed to address this, quite the opposite. Successful CDR requires a multi-stakeholder approach, a strong CDR culture and community of practice – all of which communicators can help convene and create.

Six steps to protect your business from digital risks

Practical steps you can take right now to identify challenges, mitigate risk, build a CDR culture and prepare an effective communications function to deal with challenges in advance.

1. Conduct a landscape analysis audit

By the time a problem gains the attention of the public, it’s too late to stop the media fallout. A full landscape analysis will help you identify the potential threats to your business in advance and prepare you to fix them quickly.

Key activities:

  • Identify and interview key stakeholders (CEO, CTO, Head of Marketing etc.)
  • Run a workshop to map risk factors, opportunities and audiences (SWOT/PESTLE analysis)
  • Write up workshop results and publish them internally

2. Plan communications strategies

With your key threats identified, it’s prudent to have communications plans in place to deal with them if and when they arise. Make sure you plan carefully for every foreseeable eventuality and include a listening strategy, as well as an outbound comms strategy, to ensure you’re one step ahead of the conversation.

Key activities:

  • Analyse existing policies and practices, channels and stakeholders
  • Hold a workshop to map strategies to threats and opportunities, noting any gaps
  • Develop CDR-specific reactive ‘Lines to Take’ and brief relevant stakeholders

3. Build a strong community of practice

No single team member has all the skills to address Corporate Digital Responsibility. You’ll need a multi-functional approach that engages with all key stakeholders if you want to succeed. Start by identifying essential personnel to form your CDR team. C-level executives will be the foundation – they’re ultimately responsible for digital security – but technology and communications experts are an essential piece of the puzzle, too. You might also consider including those most at risk from data breaches to ensure a participatory approach to CDR. Remember, diverse voices give you a better chance to identify threats and opportunities.

Key activities:

  • Hold a workshop to identify and prioritise stakeholders
  • Convene a working group of stakeholders and agree on an operational memorandum
  • Launch the working group publicly to key audiences

4. Ensure effective horizon scanning

The playing field of digital technology is constantly changing, so you’ll need to create a function dedicated to monitoring your organisation’s environment. This is key to understanding challenges at the earliest point in their lifecycle. With a close eye on the changing landscape, your team can ensure you have the correct procedures in place to combat emerging threats. 

Key activities:

  • Review identified stakeholders, policies and procedures
  • Hold a workshop to map key stakeholders’ sensitivities and identify potential critics
  • Map prominent individuals and groups, identify their position in advance and develop engagement strategies

5. Plan your internal communications architecture

CDR may be a leadership-level responsibility but it’s a team effort. Employees are a critical audience you’ll need to engage with to ensure compliance across your organisation. To mobilise their resources, you’ll need to communicate effectively with them. 

Key activities:

  • Review existing communications processes and procedures, as well as past successes and failures
  • Conduct a deep dive into engagement channels and map the most effective strategies
  • Plan communications monitoring and analysis across a set timeframe (6 to 12 months)

6. Plan to manage stakeholder engagement

Customers, partners and other external stakeholders have their own parts to play in managing data security. You’ll need to make sure they’re aware of their responsibilities, as well as the consequences of their actions. Governance is most effective when it’s run on a participatory model, so include stakeholders from the ground up. Remember, open and transparent communication is the foundation of trust. Never hesitate to bring your audience into the conversation.

Key activities:

  • Create a deep-dive stakeholder engagement report as a framework for your messaging strategy
  • Develop messaging and materials
  • Build reactive ‘Lines to Take’ and brief key stakeholders

Of course, each of these key activities represents a great deal of work on behalf of your team. However, these six steps offer a framework for organising your CDR activities to ensure great outcomes. To learn more about the process in action, reach out to us by emailing rachel@allegoryagency.co.uk. We’re experts in delivering quality Corporate Digital Responsibility strategies for leaders in the technology space. You can also download our latest report on CDR here.

Good data governance is fundamental for reputation

Emma Thwaites, founder of Allegory Communications, talks data and the way it influences our behaviour and business.

Data headlines are here to stay

Every aspect of modern life is defined or quantified by data. The Global Datasphere measures how much data is created and consumed every year. I find the scale mind-blowing – the total amount of new data predicted to be made in 2025 is 175ZB, up from an estimated 59ZB in 2020.

If you are struggling with visualising this (I did), I Googled it and, using my rudimentary maths, calculated that it’s the equivalent of 3.5 billion 4-door filing cabinets full of text. It’s unsurprising that we all somehow feel the presence of this invisible but massive force even if we only consciously think about it occasionally or never.

Data underpins the way we understand the world

Like water, electricity and roads, data is woven through the infrastructure of modern life. It influences our behaviour, our lifestyles and the choices we make. Data is increasingly the story – making front-page news and raising big political questions about transparency, privacy, and ownership. In March, research for the Centre for Data and Innovation showed an unprecedented increase in the use of data-driven technologies in the pandemic. This contributed to a 54% rise in UK media coverage of data-driven technologies in the first 12 months of Covid-19.

Things are moving so fast that the explosion of data often outpaces our ability to manage our response or understanding of it. As individuals, unpicking the truth from exaggerated claims and conspiracy theories woven with data is almost impossible. The issue is further exacerbated when data is taken out of context and manipulated to suit false narratives.

For leaders of complex organisations, keeping a grip on how data is being gathered, stored and processed is a mind-boggling task. According to a poll of 250+ business leaders, insight, marketing and communications professionals attending the recent DataComms 2021 conference, only 12% feel ‘very prepared’ to respond to a major crisis involving data, (e.g. a data breach), and almost a third (32%) stated that they would be ‘unprepared’.

There is work to be done. How we manage and communicate about data – something that was once primarily internal and often confined to ICT departments – is now very much an outward-facing concern. Whether we do it well or poorly can influence how trustworthy people consider our organisations to be. Data protection penalties are on the rise, climbing 40% in the past year (FT.com), and organisations are increasingly being held accountable for their use of data by regulators and consumers alike.

Corporate Digital Responsibility moving up the business agenda

Data is becoming a new battleground for those concerned with building and protecting corporate reputations. Consumers are data-aware as never before. While they may be happy to share personal data with organisations they trust, they are also ready to punish them for any misuse of data or perceived lack of transparency. Organisations that can master data, using it ethically and in an open and trustworthy manner, will win. Company reputations will be built on the strength of how seriously they take their Corporate Digital Responsibilities, at least in part.

So how can communicators master data? How can we make sure that we know and understand enough to advise our organisations confidently at the most senior levels? We must embrace it in its full capacity, understanding both the power it holds and the risks it may expose. Here is the basic process that we have developed at Allegory for achieving this:

Deep Dive:

  • Carry out a comprehensive data audit. What data does your organisation hold? Where is it stored? Who has access to it? What is it used for? Is it shared? How long is it kept for, and how is it protected?
  • Evaluate your data policies and procedures against your wider organisational mission, vision and values.

Analyse:

  • Identify weak points and ensure that all data is being gathered, stored and used ethically and transparently.
  • Ensure that the risks of data mis-management are fully understood and mitigated across your organisation (ie. captured and considered in your organisation’s risk register)

Transform:

  • Make sure that the data you need to do your job is readily available and can be accessed quickly in the event of a crisis.
  • Consider publishing public-facing, data-driven dashboards – showing your organisation’s performance across key metrics.
  • Make data protection an integral part of your risk register and your crisis management response.
  • Ensure that people in the business understand the company’s responsibilities, processes and commitments concerning data.
  • Address any skills gaps.

Advocate:

  • Provide a strategy to communicate to your audience why your company takes CDR seriously and the measures to ensure these principles are upheld.
  • Be transparent about company policy concerning data, especially what your organisation is/ is not prepared to share and how it will do so safely.

With the requisite infrastructure, skills and plans in place, you can be confident in your ability to communicate your organisation’s use of data openly and positively, both for growth and in times of crisis. As a communication strategist, being an expert in your organisation’s data policy and practice will enable you to protect and enhance its reputation.

Allegory has been working in this field for nearly ten years and is passionate about best practice in communicating about and with data. Please get in touch if you would like to find out more about our data governance workshops for communication and marketing professionals. Our mission is to use our expertise and our network to help organisations embrace data for positive change and the greater good.

COVID-19 pandemic: Public opinion shifts on data and tech

hand and speech bubbles to represent opinions

The public is broadly supportive of the application of data and technology during COVID-19 but governance and transparency are critical to trust.

Public attitudes towards data and technology have significantly shifted during the COVID-19 crisis thanks to tools aimed at suppressing the virus and coping with its effects.

Data-driven technology has been used effectively in response to the pandemic and to mitigate the impact of lockdown.

These are the headlines of a report called COVID-19 Repository & Public Attitudes published by The Centre for Data Ethics and Innovation (CDEI).

The CDEI has explored the application of data and technology during the pandemic and documented them in a repository. It also conducted a longitudinal survey of public opinion among 12,000 individuals between June and December 2020.

The report records a broad range of applications including contact tracing and an algorithm to determine qualifications in the absence of exams.

Other innovative applications include drones used to deliver medical supplies in remote regions and the creation of health equipment databases to monitor the availability of assets in the NHS.

The CDEI report suggests that the use of digital technology has increased since the start of COVID-19. It suggests that this trend is likely to continue the long-term, pointing to changing attitudes resulting from the benefit observed during the crisis.

Awareness of technology and adoption during COVID-19

Almost three-quarters (72%) of the UK population believe that digital technology has the potential to be used in response to the COVID-19 outbreak. It’s a view that is consistent across all demographic groups and regions.

However not everyone thinks that the full potential of data and technology is being realised. Fewer than half (42%) believe that digital technology is making the situation in the UK better, and 39% said they thought the technology is not being used properly.

Governance and transparency critical to public trust

Governance and transparency are the primary concern of the public in ensuring trust in data and technology. Almost a quarter of the public (24%) do not believe that the right rules and regulations are in place to ensure that digital technology is used responsibly in the UK’s COVID-19 response. This is largely consistent across age, region, and gender.

More than two in five people (43%) believe regulation is appropriate. 39% of younger people would know where to raise these complaints if governance was failing. This falls to 14% for older people.

Media coverage of data increased during COVID-19

Social media has seen a boom during the pandemic however when it comes to news consumption, traditional news sources remain the dominant source. Media coverage of artificial intelligence (AI) and data-driven technologies is contributing to public discourse and adoption.

According to the CDEI report there has been a 54% year-on-year increase in the number of articles in UK newspapers reporting on topics such as AI, algorithms, and data. The increase is driven by the pandemic notably among tabloid media.

CDEI is an independent expert committee, led by a board of specialists, set up and tasked by the UK government to investigate and advise on how we maximise the benefits of data-driven technologies.

Are communications professionals prepared for a data breach?

Balloons flying away to depict the escaping of data

Are communications professionals prepared for a data breach?

 

During last week’s keynote speech at the DataComms conference, our CEO Emma Thwaites polled the 200 or so communications professionals in attendance, on how prepared they were to respond to a major crisis situation involving data e.g a data breach.

Only 12% of the audience felt they were very prepared, with almost a third saying they were unprepared. 

 

Why this is a problem

Recent analysis has shown fines imposed by EU authorities under GDPR have increased by 40% in the past year, which tells us:

1. Businesses are being held publicly and financially accountable with increasing frequency

2. Corporate communications teams have another reputational risk to worry about

Like any crisis communications plan, having a good understanding of the risks, mitigating these risks, and being able to respond quickly is key. But as our mini poll suggests, if almost a third of senior communications professionals feel unprepared to deal with these issues, many businesses could be at risk of reputational harm.

 

All businesses aren’t created equal

For organisations with deep pockets, monopolistic positions and loyal users (i.e ‘big tech’), the financial and reputational damage of a GDPR fine is likely to have less of an impact, for now, compared with other sectors. 

Where we see a bigger problem in the short term is in sectors with high levels of competition, where consumers can more easily switch to rival brands without compromising on quality, price, choice or time already invested. Businesses that heavily rely on data and AI, e.g supermarkets, insurance providers or banks, face the highest risk, but it could equally include many smaller businesses too.

Customers, users and investors are becoming much wiser when it comes to Corporate Digital Responsibility (CDR) – that is, how seriously an organisation takes its responsibility to use and develop data and AI in ways that are safe, trustworthy, ethical and wise. As awareness of CDR grows, so does the likelihood that people will vote with their feet and their wallets when businesses get it wrong.

Here’s a thought: Just as Skyscanner now highlights CO2 emissions of certain routes to help travellers make more eco-friendly choices, what if we also had a CDR score when it comes to renewing our car insurance, or choosing who to bank with?

 

 

What can communications professionals do?

Corporate communications teams work as the enhancer and protector of the company’s reputation. Understanding data and AI, and the potential reputational risks when things go wrong is now very much part of the role. As a starting point for any comms professional thinking about these issues, we’d suggest:

  • Have a good understanding of how your organisation holds and uses data and artificial intelligence
  • Make sure your organisation – from the top to the bottom – understands their responsibility around data and AI, and the potential reputational risks
  • Review your crisis management plan, and make sure your response to any data and AI issues is up-to-date and robust
  • Consider your communication strategy around your organisations’ commitment to taking its corporate digital responsibility seriously

 

If you want to speak with us about any of the points in this blog, please get in touch here.