Presentation on theme: "PR and Cybersmear Campaigns"— Presentation transcript:
1PR and Cybersmear Campaigns How to avoid and fight online reputation attacks against your clients…what every PR professional needs to knowParry Aftab, EsqFor NETA Communications Council November 16, 2005
2What is a cybersmear campaign? It’s an organized campaign designed to intimidate, harass or adversely affect the reputation of a company or representative of that companyIt may start out innocently or as an angry communication, but builds to have a potentially serious affect on the business, operations or reputation of the company or its representativesIt may start out small and build with the help of unwitting accomplices manipulated into supporting the campaign
3How does it work? Rumors and innuendo Stock manipulation Personal attacks and harassmentCyberstalking and cyber-harassmentPosing and impersonationCybersmear by proxyCommunications with key stakeholdersAnonymous defamatory statementsGetting competitors and regulators involved
4Cybersmear and the Law Defamation TOS violations, acceptable use policy violationsCyberstalking and harassmentSEC violationsRegulatory violationsFalse light and common lawsIntellectual property crimes and violationsHacking, cyber-espionage, unfair trade practices and fraud…Oh! My!!
5What can anyone do about it? The best time to consider this is BEFORE it occursCreate a cyberattack committee or teamKeep a cyber-eye out for anything posted online about your company, key executives and employees and productsAlert your IT people to watch for SPAM referencing any of the aboveTerminate access for any problematic employees, agents and contractorsMonitor employee communications and set rules about permitted and inappropriate technology usesGoogle your company and watch the blogs (feedster.com and other similar service)
6The role of the PR professional in protecting the reputation of the client PR is crucial and should help lead in these issuesPR must be a member of the cyberattack team and help identify crisis spokespeoplePR must maintain credibility with industry and mainline media and pressPR must deliver the message positively, without feeding the misinformationPR needs to be well-informed about the company’s operations, businesses and strategiesPR needs a good working relationship with legal and IT, as well as managementPR needs to identify possible breaches and targetsPR has to think like an attacker…how would you attack reputations and business?
7Anatomy of a cybersmear Sounds plausibleBuilds on provable facts and statementsRelies on anonymity of the attackerRelies on the gullibility of certain media and others online, like influential bloggersGives a suggested outcome and suggested places to launch attacksTargets key stakeholder within and without
8Things you can do in advance… Register the URL of all permutations of your brandsRegister all permutations of your brands in blogging servicesRegister all of the above with “bash,” “hates,” “sucks” or similar termsGet online and after-hour contact information for media, press and key stakeholders – analysts and shareholders, major ISPs, and policeInform senior management and unions, as well as board members of the possibility of cybersmear and what to do if contactedPut in systems to collect evidence and work with IT on tracing methods and with legal on subpoena execution
9Selling it to Management Find ways to prove the value to management – upside and downsideFear and greed motivateFind the ROI, get legal, HR, risk managers and IT on your sideDo some researchDo some sensitivity training on online reputation risks – tie it to cyberharassment and cyberbullying in the media
10Cyberattack Team Make-up PRLegal, consumer relations and HRBrand managersMarketingIT and website/services managementInsurance and risk managersCorporate communications (if separate from PR)Senior management and at least one board member
11Understanding the Cyber-Breadcrumbs Everyone leaves behind an IP addressStatic and dynamic IP addressesCivil subpoena or law enforcement subpoena processPreserving the recordsHow to read a header – what it shows
12Things to think about Insuring the risk Early warning systems with IT and HRIf monitoring employees, check with unionsTracking news releases about your clientHolding seminars and workshops within the company to raise awarenessLearning more about the problem
13To contact me or for more information The Privacy Lawyer column for Information Week Magazine (informationweek.com)