Ethical dilemmas & data privacy

The GDPR entered into force four years ago with a big bang, and many activities took place in organizations to secure compliance. Is our privacy better protected today than four years ago? Would you have guessed that most answers to ethical dilemmas regarding data privacy have a lot to do with company culture and values, rather than focusing on specific clauses of legislation?

EthicsTalk LIVE on ethical dilemmas and data privacy on June 14th 2022 with Riikka Autio from DLA Piper, Aiko Yamashita from DNB and Tatiana Caldas-Löttiger from Fairplace was a vivid conversation on the megatrends affecting our privacy – AI, ESG and COVID19.

Building solutions together with the work community

Riikka kicked off the webinar by explaining how employers can tackle legal requirements to secure a safe working environment to all employees, without violating employees’ rights. Riikka pointed out the importance of a continuous dialogue between employers and employees. Instead of getting stuck with tough questions, successful companies build solutions together. Meeting requirements of a safe working environment has been less burdensome to those organizations that have a culture of trust, compared to ones who are still learning about dialogue.

Is your D&I reporting supporting your sustainability strategy?

Organizations are expected to show that they are diverse and inclusive by reporting on various parameters. Even though consent must be obtained from employees to use their data, employees are sometimes surprised to see their HR data displayed in annual reports and other publications. How should we promote diversity, have transparent reporting and at the same time respect employees’ rights not to disclose personal matters? Riikka emphasized that the company’s sustainability strategy is a starting point indicating the organization’s objectives and what it stands for. When companies conduct diversity surveys, strategy helps to formulate survey structure and questions. It also helps to prevent employers from collecting irrelevant or too much data.

“Companies should avoid the tick-the-box syndrome just for the statistics.”

There must always be a real purpose for collecting data. Riikka also pinpointed conversations around diversity and especially reporting sometimes focuse on minorities rather than finding out how employees excel at their jobs, regardless of (or by virtue of) their differences.

Diversity surveys should always be voluntary and anonymous. As diversity data may also fail to capture phenomena that are essential to work performance, such as neurodiversity, there is a reason to question its reliability.

Does a perpetrator have a right for privacy?

Finally, we touched upon compliance violations and terminations. Sanctions of compliance violations should be made evident, yet it is even more important to protect privacy of individuals, despite the level of wrongdoing. Riikka advises organizations to focus on clearly communicating discovered defects and what the organization will do about it. Attention should be on action, not individuals. If for example a policy or a guideline needs to be changed due to a compliance violation, this should be communicated, rather than updated in silence. This will highlight that when people do speak up, it is taken seriously.

If you are interested in watching the webinar recording, please head over to Nordic Business Ethics’ YouTube channel.