One of the many mailing lists I’m involved with is the Linkedln-related list Linked In Bloggers. A primary focus of the group is professional networking, of course, but since it’s a smart group of professionals, our conversation sometimes wanders a bit further afield.
The latest topic we’ve been exploring is Sony Corporation and its apparently surreptitious attempt to automatically install a digital rights management system onto computers via Sony BMG music CDs. Not only is the unauthorized installation of software reprehensible, but there’s still an active public debate about the entire topic of digital rights management (or DRM), making Sony’s move doubly disturbing. This incident also calls into question our belief that music CDs are benign information devices, but that’s a more theoretical discussion.
The specific question isn’t whether Sony should have done this or not, it’s how Sony should do damage control in this situation, in particular, should someone from Sony be blogging or getting involved with other blogs? It should be no surprise that many in the blogosphere are abuzz with the debate, including my colleagues in LinkedInBloggers…
Dennis McDonald: One topic I have not read about in regard to blogging is the use of blogs in “damage control” PR situations.
What comes to mind is the current situation where it has been revealed that Sony has published music CD’s that install hidden files on customer computers that not only prevent unauthorized copies but also are hidden from the user, can be used by hackers to cover up hidden software attacks, and which cannot be uninstalled (apparently) without damaging Windows.
Here’s a link to one of the many articles that have appeared about this: Sony Rootkit DRM.
What role could blogging play to help manage what appears to be developing into a damaging situation for Sony? Some in the “blogging community” itself seem to be up in arms about this. Is there any reason why Sony couldn’t use blogging to try to defuse/manage/control the situation?
Daniel Sweet: I would say that, in this case, unless they have an existing Blog with some trust factor going on already, it is unlikely that they can use a Blog to extricate themselves from this mess.
If this were, for example, GM, which has a Blogging CEO, the Blog could certainly provide some cover for the most diehard folks (who are the ones using the Blog in the first place). But that’s only because they’ve got a record of dealing straight with the Blogging community.
Any new Blog, quickly following a PR disaster, is likely to be seen as spun damage control and not a “real” attempt to clarify and fix the mistake. Clearly, it isn’t Sony’s intent to “fix” anything here. They just don’t want to be see as the company that allowed malware to operate underneath their cover.
Nik Kalyani: I agree with Daniel.
The blogger who started the firestorm — Mark Russinovich — has huge credibility in the tech community and his free tools have saved many a system administrator when in a bind. If you read his blog posts (Sony Rootkits and Digital Rights and Sony’s Rootkit First For Internet) it’ll also be quite obvious that he took a significant amount of time to document the issue with relevant screenshots and references to other documents and technical materials.
Given the evidence he presented, the only way a blog would help Sony is as a medium to accept fault and remedy it. Note that Sony, in its infinite wisdom, instead of fessing up and being forthright, made things worse by releasing a patch that can cause system crashes and data loss (Dangerous decloaking from Sony?). They just don’t get it.
Steve Duncan: Blogs are not a suitable tool for damage control unless the company already has one established, in which case they are far less likely to need one for damage control
BUT
OTHER PEOPLE’S BLOGS could be very useful. Consider Kryptonite, and their problem a while back – someone posted instructions on how to open their locks with a ballpoint pen. They decided that stonewalling was the best bet, and two weeks later or so ended up doing an expensive recall.
If instead they had responded to each and every blog post, with an explanation, apology, anything reasonably honest and forthright they probably would have saved themselves a lot of money in the long run. They’d still have to do the recall most likely, but the quantity of claims probably would have been much lower, and they could have gained trust. Consider Tylenol’s deal with the cyanide a long time ago – it was expensive, but they handled it right.
Blogs are still new enough that any company responding directly to a blog via a comment is seen as pretty darn responsive, and as long as the response is reasonable it’s a positive move. If Kryptonite had explained, say, that 99% of the locks they sell are defeated by being broken/frozen/cut/bent/etc instead of picked, and thus they’d been blindsided, I think people would have understood. At least, they would have felt bad for such a brainless company, perhaps.
In Sony’s case, however, well, they’re such large, ruthless, heartless company that it’s hard to imagine them getting much use out of a blog for any purpose.
Naina Redhu: Although Doostang’s been pretty beat up on all the forums by now [ed. note: see my article Intelligent Design, Evolution and the Tech Industry for background information] – they too kicked of a blog for “damage control” and they accepted their mistake and have been updating the blog with how they have been remedying the situation. I think that’s an excellent use of a blog – the only problem with this situation is that had they created the blog before they got caught in a damage situation, users like us would have known where to find the blog and find out the status of the action being taken. Unfortunately most users are still not aware that there is a blog on Doostang so Doostang keeps getting hit with bad publicity.
Damage control or not, most importantly, for a company, a blog creates conversations. Especially when we are starting to rely heavily on non-face-to-face media, blogs are an empowering medium. Companies should spend time building their blogs.
Doostang’s blog: blog.doostang.com
Dennis McDonald: Whether or not someone who might be interested in a “damage control blog” knows about a company’s blog before the “damage” occurs might not be as important as just being able to find it when it is needed.
On the web at the present time, that means (a) you already know about it and have it bookmarked on your browser, (b) you know how to search for it and find it (probably using Google), or (c) someone (maybe the company, maybe a friend or acquaintance) provides you with a link to the address (via an email, an ad, etc.)
In large scale situations, I think that (c) is more likely to occur. And if I were a company doing damage control, I would never assume that (a) or (b) were sufficient to getting out the word about the damage control blog.
I’m definitely not arguing against having a blog that is integrated into a company’s customer communications strategy before it is needed. I just think that establishing a dedicated place on the web (problem-specific, its own address, its own look, etc.) to handle a specific problem is not such a bad idea, expecially when The Media come crawling for info.
So maybe the appropriate corporate strategy is the following:
(a) make blogging part of your normal day to day customer communications strategy.
(b) be prepared to establish a problem-specific blog to deal with important “damage control situations” that can be publicized internally and externally as rapidly as possible.
Steve Duncan: I think this is a very interesting observation. Doostang is very new, so they don’t have a reputation of evil to contend with – their reputation is still forming. They’re also still in a stage where there are possible reasonable explanations for their behavior.
Sony, on the other hand…well when it comes to DRM they can’t claim any
accidents.
Personally, I find this entire topic quite fascinating at a number of levels. First off, some of the case studies I worked through in business school were on damage control and crisis management, so having something cause negative publicity and then being forced to respond in some manner is certainly nothing new to any senior manager nowadays. There are good and bad examples of this sort of crisis management, of course, but one of the cornerstones of any approach is take your response to the community most affected by the problem.
That’s why I believe that Sony, a company already in dire straits as its brand of tech cool has faded and sales have dried up, must get involved with the online community in this situation: it’s bloggers that broke the story, bloggers that have brought it to national attention, and therefore it’s bloggers that must be placated or acknowledged in any damage control efforts.
But there’s a bigger idea here too: one of the truths that has been emerging from the blogosphere is that bloggers influence thought and opinion leaders even in markets that are typically considered unrelated to technology or the Internet. That’s a profound realization because it means that even companies who believe they’re immune from any negative publicity online are fooling themselves because their key constituency are already online, even if the majority of their customers are not.
In a lot of ways, Sony is the perfect company to have this problem because it’s had to dramatically reinvent itself in the last decade (a process that it’s still doing), having fallen from the height of cool in the tech gadget space. Sony CEO Sir Howard Stringer — the first American CEO of a Japanese powerhouse company like Sony — has one heck of a challenge ahead of him, and this is just another knife in his belly. Sir Stringer, it’s the 21st Century and it’s time for Sony to embrace its key market and get involved with the blogosphere.
This is just the time to get started. Sony, the onus is on you to deal with the situation, not just issue some limp, passive press release on the topic. Now’s your chance. Are you ready?
Sony screwed the pooch. No one, even a large corporation like Sony should have taken such a bold and dangerous step. We’re talking about the welfare of millions of computers that could be damaged just for the almighty dollar. (Like Sony isn’t in the black already). It was just plain stupid on Sony’s part, and I for one won’t buy their products anymore…..
Wow Dave!
This has become one long AND enthralling conversation. I appreciate that you took the initiative to archive the conversation here on your blog – I read through all of it and learnt some new stuff too [ other’s opinions mostly ]. The LinkedIn Forums are indeed a good investment of my time.
Thank you for sharing!
Sony is imitating cyber-criminals, the makers of viruses, Trojans, and worms.
This is Psycho-capitalism, mammonism gone mad with selfishness and greed.
The smart record companies, like Matador Records (alt rock) and Schott-International (modern classical music), are giving out free mp3s, samples of bands, to generate sales for the CDs.
Then net labels, like Comfort Stand and Puzzling Recordings, are giving entire CDs as mp3 downloads, away for free.
The old market mentality, exhibited in ugly manifestation by Sony BMG Music Entertainment, is dead.
Forget Sony damage control.
Sony needs to change their flipping corporate culture, not to a band-aid, quick-fix “damage control”.
Who cares about this huge greedy corporation’s damage? I don’t.
What we should be caring about is the damage to customer’s CD drives, which can occur if a customer simply attempts to uninstall the sleazy DRM cloaked rootkit.
Sony should definitely have an official blog set up for news and announcements regarding this fiasco, but I don’t like the idea of Sony sending out dozens of employees to comment at complainers’ blogs. It sounds too much like “pre-emptive striking” to me and would likely lead to online wars, espionage and countersurveillance included. How can a blogger know if a “Sony apologizes” comment is really from a Sony representative, for example? Anyway, Sony needs to do something, and fast.
Thanks for your sharing.