savasLogo

What is a CDR?

....continued from the previous blog – Corporate Digital Responsibility

SAVAS Corporate Digital Responsibility

How do we define CDR – Corporate Digital Responsibility?

In simple words, CDR – Corporate Digital Responsibility can be defined as ‘the norms of appropriate and responsible corporate behaviour that ensures a positive Societal Impact with regard to digital data management and related technology use’.

How is Corporate Digital Responsibility different from Corporate Social Responsibility?

Corporate Digital Responsibility or CDR for short, entails companies to behave in a socially responsible manner but limits its focus to managing and handling Digital Data and related technology use only. Unlike the CSR where the main customer for the corporate is the Society that they thrive in, CDR has two customers, one external and the other internal. The external customer being the actual clients, the vendors, suppliers, dealers and distributors associated with the corporation whose data is resting within the corporate possession. The internal customers are the employees of the company who have access to the corporate data and not limited to the client related data alone.

The Need for CDR – Corporate Digital Responsibility

Extreme dependencies of corporations on Digital Media has created vulnerabilities which if not addressed at the right time can prove fatal for both the organization and their associates. Today, Digitization has made it possible to get rid of the bulky and tedious paper format of the data by storing it an electronic format. However, getting them stored in an electronic format has its own issues, like data loss due to malfunctioning of the device or storing on multiple devices with one or the other device connected to the internet posing a security threat due to data hacks, etc.

These days most of the transactions are done electronically, Financial transactions are done electronically, communications are passed electronically in the form of emails, audios and visuals, even the household devices such as refrigerators, Air Conditioners and even door locks are getting smart and networked with each other. All is well with smart devices until it is working well but if tampered with ill intentions, the same smart devices or data can be used for malicious purposes. In India, we do have regulations like the Information Technology Act of India 2000 and Cyber Law of India but none of these addresses the need for a corporations to be vocal with their customers and all the concerned towards demonstrating the responsibilities they own towards the digital media and its related technology use. More importantly these laws are focussed towards a particular sect of the companies such as IT related Companies alone and does not cover the others such as Finance, Manufacturing, Engineering, etc. Where in, the fact is that all the companies today irrespective of their nature of business are using digital media in all its forms for their day to day functioning.

Considering the corporate community to be the biggest consumer of Digital Media in all its forms, it’s time to start thinking about defining voluntary governing policies around the use of Digital Media and its related technologies and thereby demonstrating Corporate Digital Responsibility – CDR.

Let’s take for example a bank in order to understand the need better. A bank can participate in many CSR activities such as adopting government schools and take care of their requirements & infrastructure, building & maintaining public toilets or setting up of clinics and make shift hospitals in the down trodden areas. All these are activities that are focussed on contributing to the society without any expectation or financial gains from them. These activities are considered as a responsibility from the corporations who are making profits from the society to contribute a minor percentage of their funds towards the up keeping of the society they strive in and therefore termed as CDR – Corporate Social Responsibility.

Now for the Corporate Digital Responsibility side. The same bank as a corporation has numerous customers, various financial products, many employees and vendors associated with it. As a customer, I have submitted by Driving License details, Date of Birth, Aadhar Details (similar to a Social Security Number in the US), Passport Number, other Bank account details (if any), contact information, PAN Information, Address details and so on. Similarly, an employee with the bank will have his or her information stored within the bank data repository. Now these kind of data is sufficient to impersonate an individual if necessary but yet we share as these are mandatory requirements from the bank if we have get their product. Most of us don’t even ask the bank representative about the data security coz, it is understood that as per the standard practices practiced by a responsible corporation they would have taken sufficient precautions in order to keep the data safe. But, is it not the bank’s responsibility to be vocal about what they think about owning our data or anybody’s for that matter? They actually do, it is shared on their website and is mentioned even on the printed application that gets signed by the customer but in a very fine print and in thousands of words. The details of what the bank does about data security is mentioned in multiple documents such as the Terms and Conditions, Privacy Policy, Regulatory Disclosure, Legal Disclaimer, Code of Commitment, Code of Business Conduct and Ethics and so on.

Instead of sharing information about data security on multiple documents given the different circumstances and examples and situations, what a bank should do is come up with one single document called the ‘Corporate Digital Responsibility’. This document will reveal as to what does digital data mean to the corporation and what it is doing to safe guard the interests of all the concerned, both the internal and the external customers. This should be made available to the all the concerned in both a soft copy and a hard copy to go through. It is about time that we start dealing with digital data with all the respect it deserves as the dependency on Digital Media is going to increase by every day and never will decrease.

to be continued....

What to expect in the next Blog?

Functions of CDR – Corporate Digital Responsibility

Prrashanth SAVAS author

About the Author

Prrashanth H Nagaraj is the Founder and Managing Director of SAVASInc. He comes with around 16 years of professional experience across multiple industries such as Engineering, Banking, Insurance, IT, ITES and Digital Media. He is graduated in B. Eng. from University of Mysore and has a MBA degree, specialized in International Business from the University of the West of England, UK.