Reputation Threat


I think it's time for a little healthy paranoia.

If you are a high profile individual, or if you hold a top position in a high profile organisation, or if what you do is intrinsically interesting, then, yes, you should be paranoid. Assume you are under attack. An army of people is after your secrets. They may be sitting in a back room of a Moscow apartment; they may be lurking at a table next to you in an airport lounge, or even in that car with blacked-out windows parked discreetly outside your house. They may be anywhere. But what they have in common is that they are looking for information you don't want them to have, and they have the tools to extract it.

Of course, you may operate in an environment of meticulous care, where your commercial and business secrets are safeguarded and protected with professional skill and rigour. More and more enterprises are recognising that safeguarding confidential information has to be one of the basic fundamentals of good management. But that still leaves your personal life unguarded, and that can just as surely destroy your professional reputation.

The threats to our privacy are growing exponentially, as smart technology worms its way into every corner of our lives. There is a well-publicised report now being investigated by the Information Commissioner of LG smart TVs on sale in the UK feeding confidential information and data back to the manufacturers in Korea. Even simple household appliances seem to be morphing into sinister tools of intrusion, with reports from Russia that hidden microchips had been discovered in kettles and irons imported from China, and that these were there to pump spam data and malware into wi-fi networks, allowing confidential data then to be sent to a foreign server. Not a story you'd necessarily believe, but you wouldn't want to bet your career against the possibility, either.

Recently I took part in a presentation to a group of generals visiting from a friendly third world country. A colleague with a security background caused an uneasy ripple when he showed them how easy it was to transform their mobile phones, undetectably, into wireless microphones broadcasting everything they said, and the meetings they held, to be listened to on his own phone, wherever he happened to be.

The same colleague also showed how easily and quickly the entire contents of your phone can be downloaded, if you leave it in the wrong hands for just a few minutes. At government offices and embassies around the world, he insists on removing the battery from his phone before handing it in. “It doesn't prevent them getting at it, but it makes it more difficult”. Perhaps a reason to choose a phone with an easy-to-remove battery!

I'll leave it to others who are better qualified (and at Chelgate we work with several) to talk about the challenge to corporate confidentiality, and the ways of building better protection into your business. But the people cracking open your secrets are not just looking for commercial information. They are after your reputation, too. All the recent talk of phone hacking is really only the glimmering tip of a very large iceberg.  Hugh Grant may never have his phone hacked again. But his privacy will still be far from secure.

Law firms are coming at the same problem from the legal perspective, and ending up in much the same place. Keith Schilling explained to me over breakfast recently how Schillings had acquired an IT security company, and you can see how that makes sense. You want to keep your clients' privacy safe, if you can. But if it's compromised, you need to know how and by whom if you are going to be able to put it right.

For PR professionals working in Reputation Management, Reputation Protection has become an increasingly central part of the job. A vital part of this is helping our clients to protect their privacy, spotting when it has been compromised, and moving quickly to counter the damage. Sometimes a vital part of the response will be a legal one, and PR firms increasingly need to work closely with their colleagues in the law. But at other times the legal route may not be either the best or the quickest way to contain the threat. But this will depend on a bunch of different factors – scale, motive, accuracy and source being just a few. A PR firm with Reputation Protection skills will have a range of tactics it can deploy, both online and offline, usually faster than any legal process can be put in place. But often, the most effective response will be a broad spectrum one, using IT, PR and legal responses to re-establish control.

Of course, prevention is better than cure, and the professional PR practitioner needs to have at least a basic understanding of good privacy practice – sufficient at least to conduct an initial review of client vulnerabilities. They may be as secure as the Bank of England when they in the office, but what do they do when they are at home, or travelling the world. Just how secure is their wireless network at home? Do they use public networks when they travel? When they settle down for the evening in that charming Kuala Lumpur hotel, and they connect to the hotel network, just how private are they? Or, if you are Chancellor of a great European nation, should you really be spending hours every day texting on your insecure personal phone?

Of course, even if your personal privacy is absolutely watertight, that may not be enough, which was another point Keith Schilling made as I wrestled with my morning croissant: “Who knows what photos are being posted and stories told by the VIP's children to all their friends on Facebook?”

In fact, these days, anyone holding down a high profile job should have a proper Privacy Audit to check on potential vulnerabilities. It's hard to manage reputation if your every minor indiscretion, embarrassing faux pas or domestic issue is potentially out there on public view. At Chelgate we know enough to offer general guidelines, and to know whether you need one. But this really requires very expert capabilities which we don't pretend to have. But we know people who do, and that audit, and the strategies springing from it, need to form a cornerstone in any high sensitivity Reputation Protection programme.

Terence Fane-Saunders

Murder most public

Family, gather round the sick bed. Chaps, hunt down your black ties. We’re in the presence of Dead Law Walking.
The preposterous and increasingly pointless Super Injunction is gasping its last breaths. Pretty soon, we’ll hear the death rattle in its throat. It’s over. It has been murdered, publicly and horribly.
And like some Agatha Christie novel, the victim is so full of stab wounds, it’s hard to know just who struck the fatal blow.
The assault from the Internet has been quite enough to kill it where it stood. Where’s the point in a Super Injunction if Twitter, Facebook and the blogosphere tear the privacy veil to tatters? Keeping a story out of the traditional media no longer provides any kind of lasting protection for the publicity-shy public figure. I could float a story on the Internet right now which would reach a million people before it saw a word printed in the press. And before any lawyer could be rushed to the baricades.
Mr Justice Tugendhat may have warned that anyone who uses the Internet to breach a court order still leaves themselves open to a claim for damages. But the good judge is whistling in the wind. He doesn’t understand the Internet. Too many people will pay no attention. Too many will simply not believe him. And when a fierce firm of ferocious lawyers finally tracks down Ernest Hardbottle of 12 the Larches, to duff (in legal parlance) him up for breaching the Court Order, they will find that his only seizable assets are Mrs Hardbottle and the family cat. Meanwhile, Ernest’s “leak” will be carried on by a thousand other voices across the net. Will they hunt them all down, too?
But it may have been Lib Dem MP John Hemming who struck the mortal blow when in March of this year, he used Parliamentary privilege to name Sir Fred Goodwin in open defiance of the super injunction binding us all to secrecy. Maybe it has been bleeding to death ever since .
But if John Hemming’s was not the death blow, the wounded beast could never have survived the battering of the past few days when Lord (”put-em-in-the-stocks-and”) Stoneham, asking a Question on behalf of Lord Oakeshott, completely destroyed any shreds of anonymity that Sir Fred might still have hoped to wrap around himself.
Yes, of course, the dying patient may stagger on a year or two. Three at the most. But who will bother to use it, who will bother to go to the cost and the effort of seeking out a super-injunction, when they know that it simply won’t work ; worse, when they know that their attempt to gag the press, and to gag us all will in itself add wings to the story? If it’s not dead today, the super-injunction is surely mortally wounded.
Yes, of course there’s a place for legal action in matters of privacy. But the Super Injunction is not the answer. And part of the answer will lie outside the legal process. It will lie in the way you work with the press. In fact (and I know many won’t believe this), most journalists are not monsters. They don’t like being lied to, and they don’t like being gagged. But if you are straight with them, then usually they are straight with you (and of course, any good PR operator has his or her little list of “Serpents not to be Trusted”. We know who they are!). Declare war on the Press and , in the end, nearly always, you lose. Much better to work with them, and at least have a chance to shape the story, and to have your version of events heard. And, in fact, a decent journalist is quite capable of being a decent human being. I can think of several occasions where journalists have held back from inflicting further pain, because to do so would be unnecessary and would add nothing to the story. And because journalists are human beings too.
Well, most of them.
And I know they will give the Super Injunction a decent funeral, and a riotous wake.
Terence Fane-Saunders