Data protection and corporate social responsibility are not words you often hear in the same sentence.
That’s not only a great shame, but it’s also irresponsible. Let me explain what I mean.
First, let’s go back to basics:
Corporate means relating to a company or group.
Social means relating to society, aka you and me.
Responsibility means the state of being responsible, answerable, or accountable.
I think, and hope, that we’ve moved on from the view that corporate activities are solely about profit maximisation. Every business, however large or small, is part of a wider society and impacts its people, customers, community, and environment in a myriad of ways.
In recent years, we have been recognising and responding to that in a more enlightened way. Consider it, perhaps, as an expression of conscience.
So, where does data protection come in?
Take a moment to think about our daily lives at work and home. Can you think of any aspect that does not involve personal data being collected, used, created, or manipulated?
If you’ve got an iPhone or a smart device of any kind, then the data trail you leave behind is enormous. Even if you don’t, your data is everywhere – from your doctor’s surgery to the tax office and everything in between.
We live in a world immersed in and driven by our data. And what happens to that data happens to us. Data can be a huge force for good. It can drive innovation, efficiency, and quality of life. But it can also do the opposite; we don’t have to look far to see the evidence.
Think about what would happen if:
Your health data were misplaced or inaccurate.
The hospital where you were a patient experienced a cyber-attack.
A criminal gained access to your personal details, including your banking information.
So, to answer the question of where data protection comes in,
The answer is that if we want and expect our businesses (both the ones we work for and the ones we interact with) to treat us with respect, act with integrity, and have a conscience, that will, by definition, have to involve consideration of how they treat our personal data.
I am and always have been, of the view that we are more than the laws that govern us. Treating each other ethically is about so much more than complying with the law.
Data protection is a starting point and gives us a framework within which to work. But organisations that are serious about ethical behaviour need to commit to broader values and an approach that embraces the true meaning of the words ‘corporate social responsibility’.
So much of our lives and our world is complicated. Equally, sometimes, the most important things are the simplest.
I remember reading a book called The Water Babies as a child. The story had a character called ‘Mrs Do-as-you-would-be-done-by’ – a simple but powerful principle.
Your data matters because you matter. The data of those you handle matters for the same reason. Treat their data (and them) in the way that you would wish to be treated yourself. A world that paid a bit more attention to that would be a world where CSR was simply ‘business as usual’.
It’s not just aspirational; it’s possible – but only if we make it so.
Need some help?
If you’re ready to commit to ethical behaviour in your business, work with our data and ethics advisor to create an action plan.
