Inside 1to1:Privacy

For CPOs and Their Firms, Good Will + Competence = Trust

May 1, 2007

By Don Peppers and Martha Rogers Ph.D.

Chief Privacy Officers can feel like the neglected stepchildren of their companies. Often brimming with knowledge about how all corners of the business use information to create value, few CPOs have been invited to the Executive Committee retreats where business strategy is formulated.

That might be starting to change. People who work with executives across the country say there's been a recurring theme of discussion for the past two years: trust.

Starting with the Enron-related accounting scandals, flowing into the backdating of stock options for executives, the HP pretexting scandal, and finally, the spate of publicized breaches of information security, the C-level leaders know they're managing amidst a crisis of trust.

We anticipate that trust is very likely the 'Next Big Thing' in business. It's a natural realization once a company shifts its focus from current transactions and commits to building the lifetime value of customers. Customers will only come back again to companies they trust. They will only recommend companies they trust to others.

Executives have been asking how they can restore stakeholder trust in their organizations, and some business researchers have been listening.

Stephen M.R. Covey, son of the Seven Habits guru, last October published The SPEED of Trust: The One Thing that Changes Everything. In the book, Covey lays out a multi-component framework for earning personal and organizational trust. In his section on stakeholder trust, for example, he proposes that companies need to create "alignment" trust with their employees, "reputational" trust with the market, and "contribution" trust with society.

Earlier in 2006, Dennis and Michelle Reina published Trust and Betrayal in the Workplace: Building Effective Relationships in Your Organization, where they similarly defined a framework for building organizational trust. In their section on "Transactional Trust," three of their key components included Contractual, Communication, and Competence trust.

What does this have to do with Chief Privacy Officers? Neither of these books, after all, focused on privacy per se. It's this: On the tactical level, it helps to read the same books your CEO is reading in order to align your presentations to the concepts dominating his or her thoughts. But at a more strategic level, this C-level conversation has given CPOs an opening to show where their agenda fits into the trust equation. In the Information Economy, where companies across every sector have come to depend on customer and employee information systems, privacy has become one of the currencies of trust.

However, we know that privacy is usually the most tangible aspect of trust between customers and companies.

Whether a company only drills oil or builds roads, or instead does business with millions of financial consumers, today it depends on a network of information systems. And the use of those systems depends on suppliers, customers, and employees trusting in their privacy protections.

The research of the Ponemon Institute has regularly borne out this result. In its annual "Most Trusted Companies for Privacy" study, it's identified two key drivers of a company's trustworthiness: reputation for product or service quality, and respect for privacy.

In other words, where privacy is concerned, Quality + Privacy = Trust. Companies can have great products, but if they lack privacy, they'll ultimately lose the trust of their stakeholders. The opposite is also true.

The Ponemon Institute recently completed another study of more than 125 privacy trust studies conducted between 2002 and 2006, including the landmark work done by Alan Westin and his Privacy & American Business. Ponemon found that 8 percent of Americans are "privacy-centric," 73 percent are "privacy-sensitive," and 19 percent are "privacy-complacent."

CPOs can help create the communications strategies for approaching the "privacy-centric" employees and customers and driving measures and management for behavioral results where none existed before.

Webster's defines trust as the "assured reliance on the character, ability, strength, or truth of someone or something." A window is open in many companies to add an appendix to this definition: "See CPO."