ANALYSIS: Political PR - A unique PR mantra: silence can be golden Companies need to convince consumers that they aren't misusing the massive amount of information they hold on people. Julia Hood reports on the new breed of privacy officers.

We may be well past 1994, but consumer unease over the Orwellian 'Big Brother' effect has never been higher. Over recent months some of America's biggest companies have begun to address concerns over the quantity and type of information that they hold from customers by appointing privacy officers. These executives have been charged not only with making sure that their organizations toe the line legally, but also that they are seen doing the right thing, a politically sensitive PR role.

We may be well past 1994, but consumer unease over the Orwellian 'Big Brother' effect has never been higher. Over recent months some of America's biggest companies have begun to address concerns over the quantity and type of information that they hold from customers by appointing privacy officers. These executives have been charged not only with making sure that their organizations toe the line legally, but also that they are seen doing the right thing, a politically sensitive PR role.

We may be well past 1994, but consumer unease over the Orwellian 'Big Brother' effect has never been higher. Over recent months some of America's biggest companies have begun to address concerns over the quantity and type of information that they hold from customers by appointing privacy officers. These executives have been charged not only with making sure that their organizations toe the line legally, but also that they are seen doing the right thing, a politically sensitive PR role.

In the past two months, IBM has promoted Harriet Pearson to the role of chief privacy officer (CPO), while EarthLink has tapped Les Seagraves for the same post. The two join a small but growing group of privacy authorities, charged with a broad range of responsibilities, including lobbying, consumer communication and internal policy making. Microsoft, AT&T, DoubleClick and American Express are some of the companies that have added the position in the past year.

Procedures for handling sensitive consumer data, retrieved through Internet services or other tracking methods, are increasingly scrutinized by consumer advocacy groups or the government as DoubleClick found to its cost last year. Legislation on the use of consumer information is pending on the federal level and in every state, as companies are lobbying for the least restrictive measures.

Three factors have created the environment for CPOs to breed.

The first is the 1999 Financial Services Modernization Act which requires that financial entities give notice to customers on what information is being collected, how it will be used, and offering consumers an opt-out.

Secondly, companies are reacting to the onslaught of class action suits over privacy issues.

Finally, companies are responding to the recommendation by the Federal Trade Commission that companies implement privacy policies.

But is the creation of the CPO simply a clever PR ploy, designed to persuade consumers that somebody in the cold, corporate world actually cares about the sanctity of their personal information? Or is it a good faith effort on the part of companies to ensure procedural transparency, and to protect the organization's interests in the legislative arena?

What is already clear is that those skilled in PR will be particularly useful in this new role, where the criteria for success are not yet clearly defined.

'The ideal CPO is a lawyer, a consumer advocate, an engineer, a former regulator, a pollster, a PR expert, an auditing expert, with a Ph.D. in technology who is 24 years old,' says Jules Polonetsky, Double-Click's CPO.

One of the most important aspects of the job is participating in public policy debates with state and federal legislators. 'It's been interesting this last couple of years,' said Earthlink's new CPO Les Seagraves. 'In the beginning the industry as a whole was looking for self-regulation.'

But with some 1,500 bills related to privacy introduced in the past two years, Seagraves, who previously worked in Earth-Link's legal department, said the industry had to face a hard truth. 'The writing is on the wall that there will be legislation,' he says. 'The industry is saying we'd better do something.' Industry priorities include securing federal preemption, so companies won't have to oblige 50 different state regulations.

Seagraves says that EarthLink has never tried to use its customer information for profit, and the company created an Internet bill of rights for consumers.

Seagraves will also manage a privacy council (made up of employees), conduct audits, and develop consumer education materials. One key PR feature of his strategy is to educate consumers about how to protect their privacy online.

Internal communications is a critical feature of the job. At IBM, Pearson maintains her appointment was a natural progression for a company that has made privacy a priority for decades. 'In the late 1960s, IBM implemented a global privacy policy for employees,' she says. 'Since then we've internally been very thoughtful about how information is treated in our company.' Pearson has worked for IBM for 10 years, directing public policy work in areas such as consumer protection and health care.

Pearson will focus primarily on ensuring that all 300,000 IBM employees have a thorough understanding of all aspects of privacy. This involves setting up an Intranet resource on the subject, and unifying the global privacy projects across the company.

Her appointment excited quite a bit of media attention, even though her actual activities will be largely internal. 'I'm not sure there is an expectation in the public,' she says. 'But I believe we struck a chord with the announcement. IBM in its actions can act as a bellwether. In this way we've indicated this trend is going mainstream, getting institutionalized.'

Michael Lamb was appointed CPO of AT&T in June 2000, where he works to ensure the new technologies and services meet consumer privacy expectations.

AT&T had one privacy hiccup last summer with its wireless customers. 'When a wireless customer visited the Web site, the Web site could see what the wireless phone number was,' Lamb says. 'Although we disclosed it, the customers did not like it.' It fell to Lamb to reassure consumers through the media that the Web site was altered. Understanding technology, Lamb says, is essential to success in his job.

PR clearly has a role to play in privacy, but is the whole job just a PR invention by companies in trouble? Polonetsky was hired at DoubleClick in March 2000, in the wake of the company's privacy headaches. Formerly a New York City consumer affairs commissioner, Polonetsky may be the most scrutinized CPO in the US.

His job involves working with internal marketing teams to ensure compliance.

He also participates in a number of industry groups, such as the Privacy Leadership Alliance, interested in implementing a broad national effort to raise privacy standards. DoubleClick also advises clients on practices through a series of events called 'What's Clicking on Privacy.'

'I see my role here as an inside watchdog,' Polonetsky says. 'My job isn't to worry about revenue and business deals, but to see that we are insuring that the company is responsible about handling client and consumer information.'

Not everyone has embraced the notion of the CPO. 'I'm slightly ambivalent about it,' says Jason Catlett, president of Junkbusters, a privacy advocacy and consultancy. 'Some companies have appointed them purely as a cosmetic measure.'

Catlett cites DoubleClick as an example of a company initially retained a CPO as a PR ploy. 'DoubleClick, in February 2000, started responding to the firestorm it had created by bringing out a five point package which was entirely cosmetic, one of which was appointing a CPO,' he says.

But Catlett acknowledges DoubleClick did follow up the CPO hire with positive action. 'In March the company did make a substantial change in policy. Whether it's because of (new CPO) Jules (Polonetsky) or not is difficult to know.'

Ultimately, the role of privacy officer may represent the very best example of PR. The lobbying and communication demands of the position fall squarely in traditional PR territory. Perhaps most importantly, the CPO must be constantly aware of what consumers expect from the company. Responding appropriately to problems and concerns is the essence of effective PR.

But unless the company is prepared to back up the rhetoric with sound policies, organizations like Junkbusters will be quick to expose the CPO as window dressing.

And the CPO will certainly be in the media hot seat if the company's privacy system goes awry. 'It only takes one slip by a junior person to cause a major embarrassment,' says Catlett. 'Then you have to explain on CNN how you will fix it.'





Have you registered with us yet?

Register now to enjoy more articles and free email bulletins

Register
Already registered?
Sign in