Let’s start the conversation on Corporate Digital Responsibility

It was fantastic to be part of the CIPR – Chartered Institute of Public Relations national conference today where we hosted a session on ‘Corporate Digital Responsibility (CDR) – What You Need To Know Right Now’. Chaired by Allegory’s Associate Director Iain Aitch, our panel included: Allegory CEO Charlotte McLeod; Anne Gregory, Professor Emeritus in Corporate Communication at The University of Huddersfield; and Rob Price, Director at Alchemmy and founder of corporatedigitalresponsibility.co.uk

Allegory is a strategic communication agency that helps organisations lead the conversation on technology. That includes us, too. For the past ten years, we’ve been working with one of our clients, the Open Data Institute (ODI) co-founded by Sir Tim Berners-Lee, inventor of the World Wide Web. Just last week, Tim and I were chatting about how much the world has changed in the last decade, and now Allegory wants to help fellow communicators be a driving force for good in the emerging CDR field. 

Communicators should be proactively helping organisations to identify, address and prepare for the challenges, risks and opportunities – both existing and emerging – in the digital world. We know that when a data-related crisis reaches the public’s awareness, or that of any external stakeholder, it will fall to us to deal with. This means that communicators being ‘front-footed’ on CDR is in everyone’s best interests.

The panel first worked together on the subject of CDR back in April, when Allegory convened a roundtable discussion that led to the publication of our report on the subject – available to download here

Allegory saw a gap in available resources for communications professionals, which is why we created a six-stage practical framework (below) that helps communicators get CEOs and boards talking about CDR, and taking steps to address both the opportunities and risks inherent in CDR.

It is quite likely that your CEO or board may never have heard of the term Corporate Digital Responsibility, though once put to them, it has a ‘Ronseal’ appeal. We’ve reached a tipping point in history, where every business – regardless of size, service, or sector – is a data organisation, so they simply can’t ignore it. CEOs may naturally want to confine CDR to being an issue for the IT department to manage (perhaps because of their own low level of interest in data and digital), but data is always about people, and the CEO is ultimately accountable for responsible business practice.

If your organisation gets CDR right, it can help you to generate funding and retain investment. It can help attract and retain the best people, as well as maintaining and building your own reputation. That’s money, people, and reputation all at stake. 

One of the best ways to start a conversation with your CEO is to use the existing language that boards know. The CEO might say to you: “Where does CDR fit in, it feels like it is the G bit of ESG*?”. Actually, CDR sits across all three areas of ESG. It is like the nervous system of the body of an organisation and affects every person and team within it. In that way, it is a bit like the EDI** agenda. If you can get the CEO’s buy-in, it will trickle down and permeate the organisation. If it’s just stuck within the IT department, then it won’t get the level of board understanding needed. When things go wrong, it will ultimately land back on the communicators’ laps to sort out the mess.

* ESG (Environmental, Social and Governance) represents a more stakeholder-centric approach to doing business. ** EDI (Equality, Diversity and Inclusion) ensures fair treatment and opportunity for all, by eradicating prejudice and discrimination on the basis of an individual or group of individual’s protected characteristics.

The good news is that the only way to get CDR wrong, is to do nothing. It’s an emerging issue and everyone is in the ‘Discovery phase’ for now. The next bit of good news for boards is that they shouldn’t be expected to have all the skills needed to address this, quite the opposite. Successful CDR requires a multi-stakeholder approach, a strong CDR culture and community of practice – all of which communicators can help convene and create.

Six steps to protect your business from digital risks

Practical steps you can take right now to identify challenges, mitigate risk, build a CDR culture and prepare an effective communications function to deal with challenges in advance.

1. Conduct a landscape analysis audit

By the time a problem gains the attention of the public, it’s too late to stop the media fallout. A full landscape analysis will help you identify the potential threats to your business in advance and prepare you to fix them quickly.

Key activities:

  • Identify and interview key stakeholders (CEO, CTO, Head of Marketing etc.)
  • Run a workshop to map risk factors, opportunities and audiences (SWOT/PESTLE analysis)
  • Write up workshop results and publish them internally

2. Plan communications strategies

With your key threats identified, it’s prudent to have communications plans in place to deal with them if and when they arise. Make sure you plan carefully for every foreseeable eventuality and include a listening strategy, as well as an outbound comms strategy, to ensure you’re one step ahead of the conversation.

Key activities:

  • Analyse existing policies and practices, channels and stakeholders
  • Hold a workshop to map strategies to threats and opportunities, noting any gaps
  • Develop CDR-specific reactive ‘Lines to Take’ and brief relevant stakeholders

3. Build a strong community of practice

No single team member has all the skills to address Corporate Digital Responsibility. You’ll need a multi-functional approach that engages with all key stakeholders if you want to succeed. Start by identifying essential personnel to form your CDR team. C-level executives will be the foundation – they’re ultimately responsible for digital security – but technology and communications experts are an essential piece of the puzzle, too. You might also consider including those most at risk from data breaches to ensure a participatory approach to CDR. Remember, diverse voices give you a better chance to identify threats and opportunities.

Key activities:

  • Hold a workshop to identify and prioritise stakeholders
  • Convene a working group of stakeholders and agree on an operational memorandum
  • Launch the working group publicly to key audiences

4. Ensure effective horizon scanning

The playing field of digital technology is constantly changing, so you’ll need to create a function dedicated to monitoring your organisation’s environment. This is key to understanding challenges at the earliest point in their lifecycle. With a close eye on the changing landscape, your team can ensure you have the correct procedures in place to combat emerging threats. 

Key activities:

  • Review identified stakeholders, policies and procedures
  • Hold a workshop to map key stakeholders’ sensitivities and identify potential critics
  • Map prominent individuals and groups, identify their position in advance and develop engagement strategies

5. Plan your internal communications architecture

CDR may be a leadership-level responsibility but it’s a team effort. Employees are a critical audience you’ll need to engage with to ensure compliance across your organisation. To mobilise their resources, you’ll need to communicate effectively with them. 

Key activities:

  • Review existing communications processes and procedures, as well as past successes and failures
  • Conduct a deep dive into engagement channels and map the most effective strategies
  • Plan communications monitoring and analysis across a set timeframe (6 to 12 months)

6. Plan to manage stakeholder engagement

Customers, partners and other external stakeholders have their own parts to play in managing data security. You’ll need to make sure they’re aware of their responsibilities, as well as the consequences of their actions. Governance is most effective when it’s run on a participatory model, so include stakeholders from the ground up. Remember, open and transparent communication is the foundation of trust. Never hesitate to bring your audience into the conversation.

Key activities:

  • Create a deep-dive stakeholder engagement report as a framework for your messaging strategy
  • Develop messaging and materials
  • Build reactive ‘Lines to Take’ and brief key stakeholders

Of course, each of these key activities represents a great deal of work on behalf of your team. However, these six steps offer a framework for organising your CDR activities to ensure great outcomes. To learn more about the process in action, reach out to us by emailing rachel@allegoryagency.co.uk. We’re experts in delivering quality Corporate Digital Responsibility strategies for leaders in the technology space. You can also download our latest report on CDR here.

Communications directors need to act on Corporate Digital Responsibility (CDR)

Corporate Digital Responsibility (CDR) is an emerging area of interest for organisations. It blends ethics and governance issues with consideration for how they apply within the digital domain. CDR has moved up the corporate agenda in the past two years because of the growth of digital technology. High-profile security and technology failures by organisations have put CDR in the spotlight.

In the past, marketing departments were the sole operators of data and digital technologies. Today, whole businesses are built on data and digital content.  It’s used for hyper-targeting, behaviour change and many more business-critical functions. This action creates a fundamental tension between organisations and society. Customers feel overwhelmed by terms and conditions and manipulated by companies that use their data. Meanwhile, social responsibility is a growing concern for customers.

Risk Issues in Corporate Digital Responsibility

High-profile CDR failures have put digital ethics on the corporate agenda. A 2016 cyber attack at the UK Post Office left personal data vulnerable to exploitation. In 2019, managers removed facial recognition systems from King’s Cross Station after protests. In 2021, the Organisation for the Review of Care and Health Apps (Orcha) found that only one in five apps meets clinical standards of data integrity. Innovation in data and digital technologies often leads to conflict with regulation.

When individuals share their personal data with an organisation, they expect it to be handled securely. However, data breaches or leaks have become commonplace. Facebook is under investigation for a possible breach of EU privacy laws after the sharing of 533 million users’ data.

Defining Corporate Digital Responsibility

The rapid digital transformation of modern organisations requires responsible action on technology. That means upgrades to corporate governance and organisational practices. CDR describes the duties businesses need to embrace to manage data and digital technologies ethically. It’s corporate social responsibility for the digital world.

Data and digital can address the world’s most pressing issues like climate change, diversity, and sustainability. But misuse of data can cause serious harm, from financial damage to breaches of personal privacy. These effects have consequences for organisations’ reputations as well as their bottom-lines. The responsible use of technology is today a strategic issue.

Responsibility for CDR within an organisation

In most organisations, CDR falls into gaps between the responsibilities of the executive team. Whilst this is the case, the risks and opportunities presented by digital will remain misunderstood. Much like financial forecasting and organisational design, CDR is a strategic rather than a tactical matter.

Ultimate responsibility for CDR must lie with the CEO or managing director. But they also need the backing of the board and support from experts both within and outside their organisations. From the CTO to the CDO, CFO and HR Director, data and digital is everyone’s responsibility. Everyone within an organisation should consider it to be part of their role and work to build a culture of CDR.

Developing a CDR governance framework

The relationship between data, digital and trust is explicit. For example, there is a growing understanding of the value of data and its application. The public understands the need to share data so that organisations can understand their needs. It’s part of the process of accessing goods and services that are relevant to them. In return, they expect that data will be managed carefully and used honourably. It’s a value exchange underpinned by trust.

Prudent data management is critical to maintaining trust between organisations and stakeholders. Yet the appreciation of this area as an emerging area of corporate governance is latent. Organisations need a framework underpinned by ethics to describe the impact of their technology.

Governance frameworks must take a comprehensive approach to manage their impact on society. From search data to cookies, privacy policy and access to personal data, businesses have a range of vulnerabilities. Businesses need a broad range of ethical and technological solutions.

The role of the communication function

Communications professionals are often left to clean up the mess when an organisation faces a data breach. Most often, they’re also left out of the loop when key decisions are made around data management and processing. Comms experts have a responsibility to develop an understanding of ethical digital issues. Moreover, they must be considered key stakeholders in the decision-making process. Otherwise, they won’t be able to offer the best possible support.

Further information: CDR briefing paper and webinar

For those struggling to navigate this new area of professional practice, Allegory has published a briefing paper on CDR. You can download it via this link. And don’t forget, you can always contact us if you have questions about the responsible use of technology.

Contact: Iain Aitch, Associate Director

iain@allegoryagency.co.uk

The newbie: what I’ve learnt in my first month at Allegory

Starting your first proper job after university is bound to be a little nerve wracking, but what about when you’re working from home and you haven’t met all your colleagues in the flesh?

I wasn’t sure what to expect as the newest full time member of Allegory Communications, given the pressures of remote working, and the general economic uncertainty – yet, my first month has been truly amazing. My colleagues have made me feel unbelievably welcome and I got a feel for the team’s warmth and positivity very early on.

Our daily team meetings are a perfect start to the day. It’s a great way to check in with the whole team and find out what their priorities are for the day ahead. It adds a personal touch to the new ways of virtual working. 

I was expecting to be doing tedious admin-type tasks that no one else wanted to do and yet, I was so wrong. At Allegory, I have truly been in the midst of it all: pitching to journalists, meeting influencers from across the world and creating exciting new content for our clients and platforms. 

I think the best aspect of Allegory is that the team gives you the opportunity to have a go at everything. This can seem daunting at first as the newest member of the team, but even as a newbie, the team genuinely values your opinion and input.

Being split across business development and client facing work means that I get to experience the best of both worlds: working with clients that are at the pinnacle of their industry, while also getting to work on new and exciting internal projects. The variation keeps you on your toes!

When people say that agency life is fast-paced, they really mean it. With a packed diary and multiple meetings a day, it is impressive how the team juggles different projects and deadlines. Being new in the industry, it is pivotal to stay organised and on top of your workload.  

Begin the day prioritising your to-do-list

It’s easy to become bogged down with multiple tasks and approaching deadlines. It’s crucial to start your day by organising your to-do list, beginning with the most important actions first.

Block out time for urgent actions (and lunch)

The team has very different schedules and work patterns. You’ll need to be strict with your time management, while also maintaining a level of flexibility. If you want to get the work done, then block out time to do so! It is also important to block out the time for lunch, as otherwise you’ll be sitting at your desk all day. 

Ask questions (always!)

While soaking up all the new information and acronyms flying around, it is expected that you will have a million questions. The team made it clear very early on that it was absolutely okay to ask questions. The exchange of ideas can overcome any new challenges and you may find a more creative and effective solution in the process! 

Good data governance is fundamental for reputation

Emma Thwaites, founder of Allegory Communications, talks data and the way it influences our behaviour and business.

Data headlines are here to stay

Every aspect of modern life is defined or quantified by data. The Global Datasphere measures how much data is created and consumed every year. I find the scale mind-blowing – the total amount of new data predicted to be made in 2025 is 175ZB, up from an estimated 59ZB in 2020.

If you are struggling with visualising this (I did), I Googled it and, using my rudimentary maths, calculated that it’s the equivalent of 3.5 billion 4-door filing cabinets full of text. It’s unsurprising that we all somehow feel the presence of this invisible but massive force even if we only consciously think about it occasionally or never.

Data underpins the way we understand the world

Like water, electricity and roads, data is woven through the infrastructure of modern life. It influences our behaviour, our lifestyles and the choices we make. Data is increasingly the story – making front-page news and raising big political questions about transparency, privacy, and ownership. In March, research for the Centre for Data and Innovation showed an unprecedented increase in the use of data-driven technologies in the pandemic. This contributed to a 54% rise in UK media coverage of data-driven technologies in the first 12 months of Covid-19.

Things are moving so fast that the explosion of data often outpaces our ability to manage our response or understanding of it. As individuals, unpicking the truth from exaggerated claims and conspiracy theories woven with data is almost impossible. The issue is further exacerbated when data is taken out of context and manipulated to suit false narratives.

For leaders of complex organisations, keeping a grip on how data is being gathered, stored and processed is a mind-boggling task. According to a poll of 250+ business leaders, insight, marketing and communications professionals attending the recent DataComms 2021 conference, only 12% feel ‘very prepared’ to respond to a major crisis involving data, (e.g. a data breach), and almost a third (32%) stated that they would be ‘unprepared’.

There is work to be done. How we manage and communicate about data – something that was once primarily internal and often confined to ICT departments – is now very much an outward-facing concern. Whether we do it well or poorly can influence how trustworthy people consider our organisations to be. Data protection penalties are on the rise, climbing 40% in the past year (FT.com), and organisations are increasingly being held accountable for their use of data by regulators and consumers alike.

Corporate Digital Responsibility moving up the business agenda

Data is becoming a new battleground for those concerned with building and protecting corporate reputations. Consumers are data-aware as never before. While they may be happy to share personal data with organisations they trust, they are also ready to punish them for any misuse of data or perceived lack of transparency. Organisations that can master data, using it ethically and in an open and trustworthy manner, will win. Company reputations will be built on the strength of how seriously they take their Corporate Digital Responsibilities, at least in part.

So how can communicators master data? How can we make sure that we know and understand enough to advise our organisations confidently at the most senior levels? We must embrace it in its full capacity, understanding both the power it holds and the risks it may expose. Here is the basic process that we have developed at Allegory for achieving this:

Deep Dive:

  • Carry out a comprehensive data audit. What data does your organisation hold? Where is it stored? Who has access to it? What is it used for? Is it shared? How long is it kept for, and how is it protected?
  • Evaluate your data policies and procedures against your wider organisational mission, vision and values.

Analyse:

  • Identify weak points and ensure that all data is being gathered, stored and used ethically and transparently.
  • Ensure that the risks of data mis-management are fully understood and mitigated across your organisation (ie. captured and considered in your organisation’s risk register)

Transform:

  • Make sure that the data you need to do your job is readily available and can be accessed quickly in the event of a crisis.
  • Consider publishing public-facing, data-driven dashboards – showing your organisation’s performance across key metrics.
  • Make data protection an integral part of your risk register and your crisis management response.
  • Ensure that people in the business understand the company’s responsibilities, processes and commitments concerning data.
  • Address any skills gaps.

Advocate:

  • Provide a strategy to communicate to your audience why your company takes CDR seriously and the measures to ensure these principles are upheld.
  • Be transparent about company policy concerning data, especially what your organisation is/ is not prepared to share and how it will do so safely.

With the requisite infrastructure, skills and plans in place, you can be confident in your ability to communicate your organisation’s use of data openly and positively, both for growth and in times of crisis. As a communication strategist, being an expert in your organisation’s data policy and practice will enable you to protect and enhance its reputation.

Allegory has been working in this field for nearly ten years and is passionate about best practice in communicating about and with data. Please get in touch if you would like to find out more about our data governance workshops for communication and marketing professionals. Our mission is to use our expertise and our network to help organisations embrace data for positive change and the greater good.

COVID-19 pandemic: Public opinion shifts on data and tech

hand and speech bubbles to represent opinions

The public is broadly supportive of the application of data and technology during COVID-19 but governance and transparency are critical to trust.

Public attitudes towards data and technology have significantly shifted during the COVID-19 crisis thanks to tools aimed at suppressing the virus and coping with its effects.

Data-driven technology has been used effectively in response to the pandemic and to mitigate the impact of lockdown.

These are the headlines of a report called COVID-19 Repository & Public Attitudes published by The Centre for Data Ethics and Innovation (CDEI).

The CDEI has explored the application of data and technology during the pandemic and documented them in a repository. It also conducted a longitudinal survey of public opinion among 12,000 individuals between June and December 2020.

The report records a broad range of applications including contact tracing and an algorithm to determine qualifications in the absence of exams.

Other innovative applications include drones used to deliver medical supplies in remote regions and the creation of health equipment databases to monitor the availability of assets in the NHS.

The CDEI report suggests that the use of digital technology has increased since the start of COVID-19. It suggests that this trend is likely to continue the long-term, pointing to changing attitudes resulting from the benefit observed during the crisis.

Awareness of technology and adoption during COVID-19

Almost three-quarters (72%) of the UK population believe that digital technology has the potential to be used in response to the COVID-19 outbreak. It’s a view that is consistent across all demographic groups and regions.

However not everyone thinks that the full potential of data and technology is being realised. Fewer than half (42%) believe that digital technology is making the situation in the UK better, and 39% said they thought the technology is not being used properly.

Governance and transparency critical to public trust

Governance and transparency are the primary concern of the public in ensuring trust in data and technology. Almost a quarter of the public (24%) do not believe that the right rules and regulations are in place to ensure that digital technology is used responsibly in the UK’s COVID-19 response. This is largely consistent across age, region, and gender.

More than two in five people (43%) believe regulation is appropriate. 39% of younger people would know where to raise these complaints if governance was failing. This falls to 14% for older people.

Media coverage of data increased during COVID-19

Social media has seen a boom during the pandemic however when it comes to news consumption, traditional news sources remain the dominant source. Media coverage of artificial intelligence (AI) and data-driven technologies is contributing to public discourse and adoption.

According to the CDEI report there has been a 54% year-on-year increase in the number of articles in UK newspapers reporting on topics such as AI, algorithms, and data. The increase is driven by the pandemic notably among tabloid media.

CDEI is an independent expert committee, led by a board of specialists, set up and tasked by the UK government to investigate and advise on how we maximise the benefits of data-driven technologies.

Are communications professionals prepared for a data breach?

Balloons flying away to depict the escaping of data

Are communications professionals prepared for a data breach?

 

During last week’s keynote speech at the DataComms conference, our CEO Emma Thwaites polled the 200 or so communications professionals in attendance, on how prepared they were to respond to a major crisis situation involving data e.g a data breach.

Only 12% of the audience felt they were very prepared, with almost a third saying they were unprepared. 

 

Why this is a problem

Recent analysis has shown fines imposed by EU authorities under GDPR have increased by 40% in the past year, which tells us:

1. Businesses are being held publicly and financially accountable with increasing frequency

2. Corporate communications teams have another reputational risk to worry about

Like any crisis communications plan, having a good understanding of the risks, mitigating these risks, and being able to respond quickly is key. But as our mini poll suggests, if almost a third of senior communications professionals feel unprepared to deal with these issues, many businesses could be at risk of reputational harm.

 

All businesses aren’t created equal

For organisations with deep pockets, monopolistic positions and loyal users (i.e ‘big tech’), the financial and reputational damage of a GDPR fine is likely to have less of an impact, for now, compared with other sectors. 

Where we see a bigger problem in the short term is in sectors with high levels of competition, where consumers can more easily switch to rival brands without compromising on quality, price, choice or time already invested. Businesses that heavily rely on data and AI, e.g supermarkets, insurance providers or banks, face the highest risk, but it could equally include many smaller businesses too.

Customers, users and investors are becoming much wiser when it comes to Corporate Digital Responsibility (CDR) – that is, how seriously an organisation takes its responsibility to use and develop data and AI in ways that are safe, trustworthy, ethical and wise. As awareness of CDR grows, so does the likelihood that people will vote with their feet and their wallets when businesses get it wrong.

Here’s a thought: Just as Skyscanner now highlights CO2 emissions of certain routes to help travellers make more eco-friendly choices, what if we also had a CDR score when it comes to renewing our car insurance, or choosing who to bank with?

 

 

What can communications professionals do?

Corporate communications teams work as the enhancer and protector of the company’s reputation. Understanding data and AI, and the potential reputational risks when things go wrong is now very much part of the role. As a starting point for any comms professional thinking about these issues, we’d suggest:

  • Have a good understanding of how your organisation holds and uses data and artificial intelligence
  • Make sure your organisation – from the top to the bottom – understands their responsibility around data and AI, and the potential reputational risks
  • Review your crisis management plan, and make sure your response to any data and AI issues is up-to-date and robust
  • Consider your communication strategy around your organisations’ commitment to taking its corporate digital responsibility seriously

 

If you want to speak with us about any of the points in this blog, please get in touch here.