PR TECHNIQUE: Newswires: Safeguarding against bogus releases

Distributing a false press release can turn into a newswire's worst nightmare. Sara Calabro looks at newswire security measures and how a breach should be handled.

Distributing a false press release can turn into a newswire's worst nightmare. Sara Calabro looks at newswire security measures and how a breach should be handled.

Earlier this year, Internet Wire (IW) unknowingly issued a phony press release about Cel-Sci. The release, which announced a partnership between the Virginia-based drug company and Japan's Takeda Chemical Industries, caused Cel-Sci's stock to rise $.08 on the day it was issued. In response to the debacle (reminiscent of two years earlier, when a former IW employee sent out a false release about Emulex Corporation), CEO Jim McGovern said, "It is inevitable that parallels are going to be drawn, but the Cel-Sci incident is different. It was a much more sophisticated attack than the one in 2000. In fact, because of what happened with Emulex, we have a stronger security and authentication environment than anyone in the industry." So how do newswires secure their operations to prevent future incidents such as those involving Emulex and Cel-Sci? And in the event that a dreaded breach of security occurs, what is the best way to handle it? Above all, carefully, according to Ron Wolf, cofounder of Ascribe, disseminator of collegiate and nonprofit news. "The ability to distribute news directly to major national media is incredibly powerful, and therefore, it is vulnerable to abuse." All newswire services target two security checkpoints: membership authentication and release verification. Before content of a news release even becomes an issue, it is imperative that newswire companies take the time to understand who they are accepting news from. Memberships should only be granted to applicants who can prove themselves credible. "We are not a retail storefront that will take content from everyone," explains David Armon, PR Newswire's president of the Americas. Although many newswire companies have technology in place that allows new clients to sign up for services online, personal interaction needs to accompany that option. Brian Taylor, director of sales and marketing for US Newswire, says, "You have to get to know your clients. Relying solely on technology is not a good idea because there is always a chance it can fail. Having a personal backup can save you." Sitting down and discussing strategies with potential clients is recommended for ensuring that services are only being provided for legitimate reasons. At this time, it should be determined who the authorized users are within an organization. The wire service can only distribute news that comes from those users. If an organization wants its PR agency to be authorized to send out releases on its behalf, it needs to inform the newswire company of that. Once membership has been granted, most wire services recommend that authorized users go through a secure server when submitting a release for distribution. Recognizing that there are circumstances under which it is impossible for a client to use the secure server, newswires do not require it. Security measures, however, are heightened in such situations. "In an instance where something needs to go out immediately from someone's home e-mail address, or needs to be dictated over the phone, we make sure to verify and verify again that it is coming from an authorized user," explains Taylor. He notes that clients always appreciate getting the extra follow-up calls. "They find comfort in knowing we check everything that goes out." At PR Newswire, regardless of whether the release comes through its secure server, PRN Direct, it is company policy that an outbound phone call be made to verify that the news came from a valid source. Even if an authorized user calls in to follow up on a release, an additional outbound call is still made for verification. "There is a fine line between customer service and a high degree of security," says Armon. In other words, even if it becomes slightly tedious for clients, you can never be too careful. Once it is determined that a release has come from a valid source, the final step in ensuring the information is legit is checking the content of the release itself. In doing this, the general rule of thumb is that if it looks too good to be true, it probably is. Notable red flags to look out for are announcements of mergers and acquisitions, executive-level hires or departures, or new "revolutionary" products. Any potentially "market-moving news," according to Michael Shuler, SVP of sales for IW, should always be handled with caution and given a second look. Assuming all the appropriate measures are taken, it is highly unlikely that a phony or misleading press release will make it through a newswire's systems. However, it is naive to discount human or technological error, and therefore, any possibility of a security violation. In the event that a release is distributed when it shouldn't have been, the wire service should make its CEO and other relevant members of senior management widely available for comment on the situation. "If a false release goes out, it should be treated as a crisis situation," warns Manny Ruiz, president and CEO of Hispanic PR Wire. "Investors need to be assured that the newswire service is not at fault, and the only way to do that is to put your CEO out there to relay all the correct facts." Business Wire's Phyllis Dantuono, SVP of national bureaus, notes that before a company's CEO answers any questions, however, it is necessary to gather all of the appropriate facts. Offering speculation out of an immediate reaction of panic can be detrimental to your wire service's reputation. Primarily, concrete confirmation needs to be received from the companies involved that the release should not have been distributed. Secondly, exactly where the false information was sent should be identified. "You don't want to start running in every which direction trying to seal things up before you know how far the information has gone." Once the locations of the phony release have been discovered, the wire service should issue a "kill," which is an advisory sent out to all those who received the false information, asking them to disregard it. Dantuono warns that such a procedure should not be used lightly. "Regardless of whether or not your service is at fault, issuing a kill is an admission that something sent out over your wire was not right. That is not something you want to admit unless it is absolutely necessary." -------------- Technique tips Do get to know your clients. Relying solely on technology is not a foolproof system Do make your CEO as available as possible for comment in the event of a false release being sent out Do ensure that every release goes through the necessary levels of authentication and verification Don't hesitate to refuse potential clients if their qualifications seem somewhat suspicious Don't offer speculation about how or why a false release may have gone out. Gather all of the facts before addressing the media Don't issue a "kill" before you are absolutely certain one is necessary

Have you registered with us yet?

Register now to enjoy more articles and free email bulletins

Already registered?
Sign in