Over the past few years, scandal after scandal has put tech companies under a microscope. Users, policymakers, and investors are demanding to know how companies are protecting privacy and free speech, and companies that fail to do so are being held accountable, by , by , and by . Businesses large and small need to take proactive steps to protect users and find ways to navigate this landscape.
The ACLU of California has a guide to help: , which offers advice for companies wrestling with today’s most pressing challenges.
The industry can do better. It must do better. Right now, governments are seeking massive volumes of information from tech companies. Democracy is under threat by to suppress speech and weaponize personal information. The Trump administration is trying to exploit online services to monitor immigrants, activists, and entire neighborhoods. And a stream of data breaches is endangering users and exposing companies to massive potential liability.
Mistakes in this climate can be catastrophic, for both users and a company’s . Anticipating threats and protecting users isn’t just the right thing to do, it’s also critical for business.
To protect people’s rights, companies must plan ahead, ask difficult questions early, and build privacy not just into their products, but into their business models. The ACLU guide offers over that illustrate the benefits of building a business on a foundation of privacy and free speech. Other case studies show the serious risks, for both users and the business, when companies fail to do so.
The guide includes expert advice, identifies common mistakes, and gives clear guidance on how to avoid them. For example, companies must by only collecting what’s needed, protecting users, and avoiding replicating destructive real-world biases. Had Facebook limited and protected the data it collected, and the company could have avoided the lasting reputational harm from users who find the company’s numerous privacy failures unacceptable.
We show companies how to by building privacy and security practices and policies into organizations’ structure and product-design process. With proper planning, hacking nightmare that exposed highly sensitive personal information of 143 million people and led to the largest class-action suit in history.
We also highlight how to with users about what data a company collects and what it does with the data. If Venmo had been transparent about its default privacy settings, from users furious that years of their transaction histories end up being aired publicly.
We illustrate how companies can , encourage free expression, and only remove content when it is illegal or specifically harmful. By following this advice, PayPal could have avoided for threatening to kick book publishers off its platform unless they removed “offending literature” from their catalogs.
And we provide concrete examples of how companies can effectively by putting them in control of their data and standing up for their civil and human rights. Twitter, for example, was hailed for protecting its users when it sued U.S. Customs and Border Protection over a request to unconstitutionally identify and share the personal information of an online critic.
Time and again, companies have learned firsthand that taking proactive steps to design user-protective products and business plans builds long-term sustainability, while failing to do so can lead to public relations nightmares, costly lawsuits, and government investigations.
The stakes are simply too high to ignore privacy and free speech, and with this guide, companies will have an important tool to protect their users and build their bottom line.