Until very recently, technology firms have enjoyed a life relatively free of regulation and compliance worries. That’s about to change thanks to a growing demand for transparency, data security and privacy, and the fact that technology firms are partnering with other firms in highly regulated industries, such as financial services and health care. Regulation is coming. Get ready. This is your wake up call.
Protiviti has published a four-part series on key considerations for technology industry board members and executives interested in what the responsible technology firm of the future might look like. Our series focuses on the rapidly changing landscape that is altering the conversation at the highest levels of technology companies and offers insights to help companies be prepared for the future.
We began this conversation with an overview of the changing environment in a previous post. Here, we focus on the rising tide of regulation, made evident by the adoption of the European Union’s General Data Protection Regulation (GDPR), and recent similar laws passed in the U.S. — specifically California, New York and Pennsylvania. A congressional hearing in September suggests that new federal regulations may be in the works.
This wave of heightened scrutiny comes at a time when public confidence in the ability of tech companies to protect their sensitive data is at an ebb. A new report from Harvard’s Shorenstein Center on Media, Politics and Public Policy and New America, a Washington think tank, published just two days before tech executives were scheduled to appear before the Senate Commerce Committee, declared, “The companies that control this market are among the most powerful and valuable the world has ever seen. We cannot expect them to regulate themselves. As a democratic society, we must intervene to steer the power and promise of technology to benefit the many rather than the few.”
The Wall Street Journal, in an article covering the report, declared, “Silicon Valley tech giants can’t be trusted to police themselves and should be subject to tougher regulation.”
That’s not to say that technology firms should not have a say in how they are regulated. But before they do so, they must get their houses in order. That means building and managing a strong corporate governance function, and shaping the right organizational culture governed by a strong, consistent and appropriate tone at the top. How organizations can do that is the subject of Part 2 of our Responsible Tech Firm series, available as a free download from our website. We recommend a read, and we are interested in your thoughts, both here and on our website.