Digital Social Responsibility: Search for a Sound, Responsible Information Society

October 29, 2008

Jun Kurihara, Senior Fellow, Ash Institute for Democratic Governance and Innovation, John F. Kennedy School of Government, Harvard University
Charla Griffy-Brown, Associate Professor of Information Systems, Graziadio School of Business and Management, Pepperdine University
Harriet Pearson, Vice President, Regulatory Policy and Chief Privacy Officer, IBM Corporation

Devin Stewart, Director, Global Policy Innovations, Carnegie Council for Ethics in International Affairs

A distinguished panel of experts on globalization and information systems met at Japan Society to discuss how U. S. and Japanese firms should position and promote their corporate social responsibilities in a digital world.

Just the evening before, Yahoo, Google and Microsoft signed an agreement on human rights guidelines for the Internet, noted moderator Devin Stewart of the Carnegie Council for Ethics in International Affairs. The accord "came about as a result of pressure from international NGOs to address some concerns about Internet companies doing business in China," and early analysis suggests that it is a promising first step. The hope is that the three companies "will try their best to have a less negative impact on human rights," which can include issues of corruption, access to information and access to courts--"the whole gamut," Mr. Stewart said.

Corporate social responsibility, or CSR, means investing in the larger development of society, including education, the environment, aid to the poor and health care, said panelist Charla Griffy-Brown of Pepperdine University. As social media like YouTube, MySpace, Facebook and Mixi create "a transformation of the social logic," there's broad agreement among corporate executives that information stewardship, managing and setting policies for data accuracy, security and access across an enterprise, is an essential part of CSR. However, it's not clear how closely practice follows principle: A 2006 Techweb survey showed only about 40 percent of global firms are investing in this area, she said.

Professor Griffy-Brown reported on a study she and colleagues did on information stewardship at a number of American and Japanese enterprises, including both corporations and government agencies. Early on in the study, participants were asked to identify core values. U.S. and Japanese firms alike named four central elements of information stewardship: privacy, accuracy, property rights and accessibility. A later phase studied decision-making in a simulated exercise, and here, preliminary results show some cultural differences, she said. Employees were asked to perform a task that could, though not necessarily would, compromise information security. Among employees in the Japanese firms, agreement to take on the task was universal, whereas in the American firms, 70 percent of those studied agreed to take on the task--still a large majority, but reflecting in her view the greater license that American cultural norms give to employees to say no to the request of a supervisor.

In terms of their CSR and information stewardship goals, the firms studied fell into three categories, she continued. Some were "looking for a reputation boost, for some recognition for social service." Others had a specific strategic goal in mind. "But the most interesting group of companies," albeit the smallest, "were those that were trying to look at large systems transformation, sometimes in very targeted areas, which they ultimately felt would have a dramatic impact on their ability to be profitable in the future."

The digital divide, the gap between those who have access to digital and information technology and those who do not, is a daunting quandary, Professor Griffy-Brown said. "Access and participation are essential parts of what Pierre Lévy calls our collective intelligence. And he links this to the prosperity of every nation, or even every firm, because it depends largely on their ability to navigate this knowledge space that is being created."

"We've come to realize more and more that poverty is not just a lack of economic income, but it's the inability to realize human capacity."

In the broadest sense, she said, digital social responsibility means that digital technology "should be used in a way in which the dignity, self-esteem and capacity of each person are enhanced." In their use of these tools, members of society are not consumers but participants in a community. The guiding philosophy of Internet firms and those who govern should be "avoiding exploitation, avoiding the creation of dependencies, enhancing the role of openness and transparency, and allowing people to essentially shape their own future."

For Jun Kurihara of Harvard's Kennedy School of Government, the first order of business for Japanese firms is to help create an information-energized "e-Japan," a Japan that is strong enough to deal with crises of all kinds, whether natural disasters, pandemics, economic crises or terrorist attacks. During a crisis, "the entire community, including individuals, businesses, schools, hospitals and government offices, all are concerned about information--for security and for economic reasons, how to put ourselves back to business as usual and as soon as possible."

Business continuity management has long been a focus in Japan, not surprising given the island chain's unstable geology and the powerful storms that sweep in from the Pacific, Mr. Kurihara pointed out.

Everyday business continuity management tools, from diagnosis and impact analysis to preventive measures, on-demand planning and information networks, can be of benefit well beyond their contributions to the profitability of individual companies, he suggested. Thus Wal-Mart was a lifeline during Hurricane Katrina, and indeed outperformed FEMA, the U.S. Federal Emergency Management Agency, precisely because of the strength of Wal-Mart's business continuity and supply chain management systems.

In a networked society, it's well recognized that the greater the number of network members, the greater the benefits of being networked, Mr. Kurihara said. Global networks are more efficient and more flexible, but there are tradeoffs. An accident at a chip manufacturing company in Taiwan may hurt tech firms not just in Taiwan but also in Japan and elsewhere around the world. In July 2007, the Niigata earthquake idled an important supplier of parts to Nissan, and Nissan itself had to stop production even though its plants weren't at the actual site of the earthquake.

"Externalities matter!" he exclaimed. It's not easy to figure out who designs a global network, who manages its elements, what those elements cost and who's paying which costs. Global networks are in the nature of public goods; economies and societies alike need to engage in a continuous cycle of analysis, solution design, implementation and feedback. For IT firms there's a need for courageous leadership within the firm, within the industry, and beyond.

"Japan, as a country that is frequently hit by typhoons and earthquakes, has a profound knowledge of crisis-robust" systems, Mr. Kurihara concluded. Japanese IT and communications firms are skilled in cross-border transactions and outsourcing. Tech giants like Fujitsu have helped shape industry-wide standards to reflect a delicate balance between competition and cooperation. At the same time, he urged, Japanese firms need better connections with their counterparts abroad, from Taiwan to Shanghai to London and New York, and "should invite understanding from the government side" and from individuals as well.

Panelist Harriet Pearson of IBM defined digital social responsibility by way of a Venn diagram, as the region where the aims of society, the business sector and the individual company overlap.

With advances in technology and globalization, as well as the rise of social networking have come big changes in how IBM engages with its customers and how its employees engage with each other, Ms. Pearson said.

A century ago, "companies would establish themselves in one location and would do business and would export their products. You had an international office maybe, but you basically operated in one place." The 1950s and '60s were the era of the multinational, where IBM had units in the U.S., France, Japan and many other countries, and "you had your marketing, HR, finance, all of your operations in one vertically integrated place."

With global networks today, "you have your headquarters in one place, but really you can operate from that one place everywhere," putting procurement in one country and HR support someplace else: "You take what used to be vertically integrated and spread the work around to where it's done best."

"What happens to the data that is being distributed and shared?" Ms. Pearson asked. Even 15 years ago, "if you had a company in France, you would have the computers that had the data. They would sit in a building in France with the HR information, finance and marketing information. The information wouldn't leave. It would be there. And if you wanted to take it, maybe you would get a tape and maybe you would batch process it over to someplace else.

"Those days are gone for many organizations," she said. For a factory in France, "the processing of the HR data or the financial data might be happening in a location in Romania or in the Philippines or Costa Rica."

"This is not just an IT discussion; it's happening because the business models and the way you organize work have changed," Ms. Pearson went on. In tough times, business people are asking, "How do we survive through this transition? And they will look to take opportunities like this to say how do we do it. But we have to do it in a way that is secure and that is trusted" and that upholds standards of governance, transparency, privacy and quality. "The models that may have worked 20 years ago, 30 years ago, even 10, when Web 1.0 emerged, may not necessarily suffice."

IBM has a long history in data privacy and security, she said. "We were the first company in the world, we believe, in 1969, 1970, to develop a corporate, global code of conduct for privacy and data protection governing all of IBM, specifically for employees." As an example, IBM worked with NGOs on privacy guidelines for RFID technology. "You can put [radio frequency ID tags] on different things and follow them around," which is a good solution for an apparel manufacturer that wants to track its sweaters as they are shipped from the factory to the retailer, but "a bad solution if you say 'my sweater can follow me and track where I'm going.'" Likewise, with digital health records it "improves convenience and health care quality to have your health record available online so that wherever you go to whatever doctor you can have good access to your health information," but "we must protect from having that health information used in inappropriate ways."

As for operating globally, laws and cultural expectations vary widely. European laws are relatively strict in this area and other regions of the world have not developed regulation in the same way. "Responsible organizations, I think, are best served when you take one single approach and say I hold myself to one standard around the world, because that's the only way I think you can establish trust and enable global operations."

Together with European universities and competitors such as Hewlett-Packard and Microsoft, IBM is looking at new ideas on identity management--"who is who on the Web," Ms. Pearson said.

Social computing means "you can ruin your reputation, or you can enhance your experience of social life and professional networking; you can help your company's agenda," or potentially harm it. IBM offers Social Computing Guidelines to help its workforce engage effectively with clients and society at large--and makes these Guidelines freely available to others via its website.

Beyond privacy and security, Ms. Pearson concluded, IBM strives to be a good corporate citizen in many different ways, from online collaboration platforms to a corporate service corps that teams junior employees from IBM offices around the globe to work on public-service projects in emerging-markets countries like Ghana. It is "a learning opportunity and leadership development for them, but it's also a way for us to engage as part of an answer" to the problem of poverty.

When global networks knit themselves together, trust becomes an important theme for enterprises and for states as well, Mr. Stewart commented.

With ubiquitous knowledge, "the value in the global economy, and prices, will change more towards empathy," and businesses will focus on the customer's viewpoint and the customer's experience, he added, citing the analysis of social commentator Dan Pink, a Japan Society Innovators Network member and author of A Whole New Mind. Social computing can mitigate risk, but it can also increase risk; the line between competition and cooperation has become blurred; and "courageous leadership, as Kurihara-san said, is needed to resolve these paradoxes."

Q&A from the audience followed.

What gives companies the incentive to get involved in digital social responsibility projects?

They hope to find out how to run their businesses more efficiently, and to find "profitability in areas that have not yet been discovered, if you will. I think that will be a prime motivator given the current economic crisis," Professor Griffy-Brown replied.

Progress on the environment and public health, reaching out to customers in emerging markets like Africa--"there are business benefits to be gained" both in financial terms and in terms of brand value, Ms. Pearson commented. If reputation isn't enough of a reason to act, or if firms ignore externalities, for example in the area of cybersecurity, "some level of government motivation, and creating incentives or standards, or demanding of certain behaviors is perhaps a good idea."

Are there problems for IT firms as a result of different laws and rules on ease of access and ease of navigation in various countries?

This is a work in progress, Ms. Pearson replied. "At some level many of these initiatives, even if there are conflicting laws and standards, reduce themselves to a set of common principles." In other cases competitors get together to set up solutions. "With a payment card industry security standard, Visa, MasterCard, even American Express--they all compete very much, but Visa pulled the ecosystem together and came up with a common set of security standards for the merchants who use the credit card to follow for the good of the industry, for the good of the ecosystem."

As a TV newsman for over 30 years, I've learned that a station isn't free to broadcast just anything. We have to be neutral. We have to tell the truth. And now Internet tools give each person the ability to become, in effect, a TV station. What can you recommend in terms of individual social responsibility in this context?

"Each one of us, if we go online and we see something that we found out was not true, we don't trust that source," Professor Griffy-Brown said. We look to customer-rating systems to help us decide which sources are trustworthy. "So the system itself is building up a set of codes that we, as individuals, can translate and use." There are new ways to distribute knowledge, but that "doesn't mean that social justice is going to automatically appear.... We have to be proactive in considering how we want this arena to develop."

Crowds can police each other, as Joichi Ito of Creative Commons points out, Ms. Pearson said. "I put some hope into that dynamic, because only something like that can be fast enough to keep up with what individuals might do or might choose to share."

Companies "can do a lot to set the expected standard of behavior in the business environment," Ms. Pearson added. This can spill over into the social environment, as with IBM's social computing guidelines, which are posted on the web for everyone, not just for IBMers, to read.

The guidelines "speak to the IBM person, not the corporation. They say this is a very powerful opportunity. Go out, do it--try all the different kinds of things, but remember a few things. Remember to protect your own privacy. Remember that you have the company's reputation on your back a lot of the times. If it's possible, act as a private individual and don't identity your professional affiliation. But if you have your logo on your shirt, so to speak, be very careful. You are always representing IBM. Behave as you would behave in any other place where you are giving a speech or interacting with people," and be careful to guard IBM's intellectual property.

"If enough organizations take steps like that, it creates a baseline of behavior to create digital literacy. We have to become literate. The next generations have to become much more literate about how to manage content, information sharing, security, than previous generations have been."

Mr. Kurihara agreed. "I will just briefly say that technology is designed and developed for human happiness," and everyone must educate themselves: "You are right that information technology can be manipulated, or through technology many people can distort information or mislead, but at the same time, we have knowledge and experience how to defend against such things."

--Katherine Hyde

Calendar of Events

February 2018

S M T W Th F S
        1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28      
All content © 2018, Japan Society, unless otherwise noted. |
333 East 47th Street New York, NY 10017 Phone: 212.832.1155 |
Credits | Press | Contact Us | Privacy Policy