Guest post: Drew Bartkiewicz is a vice president of Technology and New Media Markets for The Hartford, and author of the upcoming book, Unseen Liability.
In today's 24/7 business world, companies and their customers are consuming, sharing and storing data at an unprecedented rate. This data has in fact become one of an organization's most valuable assets, but unfortunately it can also be its most dangerous.
Most businesses are not aware of the risks associated with this information or the best ways to protect it from harm.
In addition, the use of social media and networking initiatives has brought hidden risks to businesses they never thought possible. The ownership of Internet risk is a gray area, and customers or users of Web sites that do the wrong thing can now expose companies to unseen liability-ranging from data piracy and intellectual property infringement to reputational harm and libel/slander lawsuits.
Many companies, however, are blind to these risks. Even some insurers are finding themselves behind the curve.
What's urgently needed is an understanding of the risks posed by Web 2.0 and the development of strategies to address those risks, including new insurance products.
One big concern is whether Web-based communities will become liability breeding grounds.
Web 2.0 encompasses the social networking and social media aspects of the Internet. There's Facebook and YouTube, niche sites, and corporate-sponsored online discussion groups.
Companies started social networking sites to connect with customers. Individuals and businesses jumped on blogs, wikis, professional networking sites, audio and video file-sharing communities, and user groups.
For companies, the data explosion means they no longer solely control their brand and message. For individuals, it means every aspect of their online personas is fair game for marketers, criminals, hackers and others.
And in virtually every corporate or individual case, there is an entity-a corporation, an organization, data processor, application service provider, e-commerce company, or networking or file-sharing service-that has legal responsibility.
How did we get to the point where this risk grew with scant understanding and minimal risk-transfer strategies?
Over the past several years, companies have been focused on e-commerce data-breach risks, such as the inadvertent or criminal disclosure of credit card and Social Security numbers. To be sure, those risks are real and continue to grow.
But Web 2.0 liability is emerging as an equal if not greater risk.
As data grows in importance, affecting everything from stock prices to consumer confidence, it has soared in value. Information thieves, black market data buyers and data brokers have swooped in. In general, the more detailed (or salacious) the information, the more valuable it is and the greater the liability.
Currently, businesses are facing three major threats:
- Data privacy breaches
- Intellectual property violations
- Media/advertising risks
Operating under the misconception that cyberspace is controlled, secure and anonymous, many people post intensely personal information about themselves, or about their employer.
Sites and communities of all types have vast treasure troves of detailed information, including profiles, history and behavior. They are also vast e-mail and storage repositories. It's not hard to imagine an on-rushing wave of class-action lawsuits if this information were to be exposed as a result of company negligence.
Intellectual property violations, one of the early social media battlegrounds, continue to threaten brand identity and reputation as well as valuation. MarkMonitor, which specializes in online fraud protection, determined that online sales of counterfeit and gray-market goods will cost businesses $137 billion this year. Tiffany has sued eBay, Viacom has challenged YouTube, and the list goes on.
There are also media and advertising risks, including the dissemination of false, misleading, discriminatory or harmful information, and direct attacks on competitors. In the end, emerging case law will be written to determine whether business is liable for the malicious, silly, or just plan dumb acts of their online users...employees or customers.
Unlike past risks, which have been easier to identify and less fluid, online Data Privacy and Reputation liability changes day to day. This nascent area offers the insurance industry the opportunity to step up and lead the effort to protect businesses from the unseen liability associated with social media and networking so that clients can explore these new business opportunities without falling victim to the hidden risks.
Watch out established brands. There is more uncertainty with the social web than you may realize.
Bartkiewicz can be reached at Drew.Bartkiewicz@thehartford.com