Keith Vaz, Chairman of the UK Parliament’s Home Affairs Select Committee is building pressure to publish a list of 102 “blue chip” organisations that have “commissioned private detectives that hack, blag and steal personal information” from banks, utilities, the UK’s taxman HMRC and, it is also alleged, from serving policemen. The list has been provided, confidentially, provided to the Select Committee by the Serious Organised Crime Agency (SOCA). Names of some of the firms allegedly on the list have begun to leak.
Twenty-one law firms, nine insurance companies and eight other financial services firms apparently head the list, which also includes management consultants, oil companies, accountancy firms and venture capitalists. Ominously it includes 16 other private investigation agencies, suggesting that the number of end-users could grow substantially. The FT reports that there is apparently another list, of 200 companies, held by the Metropolitan Police.
Before the 1990s even the courts regularly accepted information from sources such as private detectives. But things changed radically with the Data Protection Act 1998, brought in to implement an EU Directive of 1995. The legality of fishing for private data changed abruptly, and with it the morality, as the continuing press phone hacking scandal, centred on News International, has shown.
So what is going on in these ‘Blue Chip’ companies? The fact that you happen to employ a private detective who sometimes uses illegal means to get information does not mean that your information will be gathered by illegal means. Some companies will have specified “use no illegal means”. But at the other end of the spectrum, some clients will deliberately have chosen an agency because it is known to be able to obtain hard-to-get personal information.
When the list is published, some company leaders will be “shocked” to discover that their employees have been using bent private eyes illegally to obtain personal information.
They shouldn’t be surprised. It is a frequent feature of unexpected crises afflicting respectable companies that the leadership didn’t know what was really going on below them.
We call this the 'Unknown knowns' problem. It regularly turns out that many people in a firm known things aren’t as they should be, but either no-one is prepared to tell the leadership or the leadership won't listen. In our recently published research report, ‘Deconstructing failure - Insights for boards’ we found 'Defective information flows to and from the board' were a cause of 60% of the crises we analysed.
The phone hacking scandal created a reputational maelstrom for the media, particularly for News International. All those on these lists can expect rough treatment by the media, especially those in financial and professional service firms that trade on their trustworthiness.
As leading City commentator Anthony Hilton wrote recently, PR won’t be an adequate solution. Leaders of implicated firms will have to dig deep to find the real root causes of the problem before they can even start to regain public trust. Scapegoats will not be enough.
- Reputability are thought leaders in the field of reputational risk and its root causes, behavioural risk and organisational risk. Our book 'Rethinking Reputational Risk' received excellent reviews: see www.rethinkingreputationalrisk.com. Anthony Fitzsimmons, one of its authors, is an authority and accomplished speaker on reputational risks and their drivers. Reputability helps business leaders to find these widespread but hidden risks that regularly cause reputational disasters. We also teach leaders and risk teams about these risks. Here are our thoughts, and the thoughts of our guest bloggers, on some recent stories which have captured our attention. We are always interested to know what you think too.