From the Concept of Reputation Management "ORM" Considering Corporate Defense and Proactive Management

Personal data leaks, compliance violations, product accidents... Crises that can arise in business activities have become increasingly diverse and complex in recent years. Furthermore, the proliferation of social media has dramatically accelerated both the potential for crises to occur and the speed at which rumors spread. How should companies prevent imminent crises before they strike and prepare for the worst? And when problems do arise, how should they fulfill their accountability to society and the press? We asked three experts about the nature of "crisis communication" in light of recent social conditions.

Mr. Sugawara, who founded his company while attending the University of Tokyo, foresaw that "the essence lies in derivative businesses" within the evolving online society accompanying the advent of Web 2.0. He pioneered web risk management services in the industry. He discusses a new approach to "reputation management" – defending while attacking – addressing how to handle negative information that is hard to see but, once released, spreads and persists.

Cases of abandoning M&A deals due to online rumors are increasing

Around 2006, the term Web 2.0 gained traction, marking a significant shift in how information flows online. Previously one-way communication became bidirectional. This gave rise to review sites, where diverse "reputations" began circulating rapidly across the web, becoming one catalyst for the emergence of web risk.

Since then, diverse evaluations and reputation information have actively circulated online. In recent years, the proliferation of social media and smartphones has caused information shared by individuals to spread at an explosive pace. Consequently, the risk of companies facing defamation, slander, and reputational damage has also increased significantly.

Risks materialize unexpectedly as crises. A photo taken by a part-time employee as a prank gets posted online, putting the employing company in a tight spot. Whistleblowing occurs, not by an employee of the company itself, but by an employee of a subcontractor, who directly publishes it externally. Without fact-checking, this escalates into a boycott campaign. While whistleblowing is protected by law and some companies have dedicated helplines for it, these mechanisms sometimes fail to function as intended. Instead, the information is suddenly posted online, becoming "public."

Furthermore, while many B2C companies prioritize brand strategy, they still face situations where their products fail to sell due to negative rumors surrounding affiliated sales companies. Online backlash incidents are also increasing year by year. Sometimes they are triggered by an employee's inappropriate post, while other times they erupt from a customer's post. Either way, the company's image suffers significant damage.

Another critical issue for companies is the risk that websites containing negative information appear high in search results, now that online searches are routine. Search engines are increasingly seen as semi-official tools, leading many to assume information on the first page of results is "correct." Furthermore, since searches are purpose-driven, even accidentally encountered negative information tends to stick in people's minds. People considering online purchases often compare products from different companies, and naturally, they tend to lose interest in products with a lot of negative information.

Online rumors can also cast a shadow over important corporate business strategies. For example, it's increasingly common for companies to research online rumors when deciding whether to proceed with M&A. If there are many negative rumors related to labor issues, many companies abandon the M&A deal, concerned about post-acquisition risks.

Controlling the visibility of negative information in search results is a critical challenge.

Information that was once difficult to surface can now spread rapidly throughout society because every individual user possesses the power to disseminate information. However, can public authority effectively suppress the spread of malicious or sensationalist slander and rumors? Given the nature of the internet, this is quite difficult to achieve. For corporate risk management, self-help efforts are essential. This involves establishing media policies to curb the spread of careless rumors from internal sources and stakeholders. Alternatively, monitoring the internet is necessary to exert control, even if complete suppression is unattainable.

This is where Online Reputation Management (ORM) becomes crucial as a web risk countermeasure. ORM is said to have become a $5 billion market in the US by 2015, but unfortunately, understanding of it remains limited in Japan. Some management even confuse ORM with cyberattack countermeasures.

The first crucial step in ORM is establishing an internal organizational structure. Even if a company has a dedicated crisis management department, it might not be clear whether that department oversees web risks. If not crisis management, then does PR handle it? Or is it left to the technical department? Often, while this organizational structure remains unresolved, a problem suddenly arises. At that moment, internal finger-pointing continues, and before you know it, a crisis erupts, rapidly escalating the damage.

Alongside establishing this structure, a web risk assessment must be conducted at least once. Risks can lurk in events from the distant past. Furthermore, it's common for scandals at partner companies to spread and affect your own. These points – "past events" and "other companies" – are actually blind spots for many organizations.

In web risk management, while swift response when problems arise is essential, ongoing monitoring during normal operations is equally indispensable. Fundamentally, in the online world, it's impossible to completely prevent negative information from being posted. Furthermore, once information is posted, even if it's incorrect, it often cannot be deleted and remains online indefinitely. Countermeasures must be devised based on this understanding. If malicious sites appear high in search results, measures must be taken to lower their ranking. This is a crucial strategy within Online Reputation Management (ORM).

Additionally, for post-incident response, I believe it's crucial to accurately quantify the lost opportunities resulting from a backlash to recognize the importance of web risk management. For companies providing products or services in a B2C business model, how many sales opportunities were missed? While this is a figure that's difficult to obtain without engaging a specialized service provider, it's worth pursuing as a first step toward recovery.

The "customer experience" begins the moment users access the internet

For instance, some restaurant chains are taking advanced steps, using online reputation as a metric to drive store and operational improvements. Since some level of online reputation is inevitable, it's necessary to implement control measures while also proactively leveraging that reputation for improvement and reform.

Another point to reaffirm is that ORM also provides an opportunity to reassess the "experience value" for customers. In today's marketing landscape, "user experience" is highly valued from the perspective of enhancing the value derived from experiencing a product or service. However, the common perception is that this experience begins when the user interacts with the company's product or service. Yet, many people first research the reputation (reviews) before purchasing the intended product. At that point, the user experience has already begun. In other words, the reputation itself impacts the experiential value.

Therefore, companies must actively engage in managing and controlling this reputation. One could even say marketing begins with ORM (Online Reputation Management) strategies. I believe we have entered an era where this perspective is essential.

---

　

ELTES

Since 2007, Eltes has operated as a specialized web risk consulting firm, protecting companies from online slander and brand image damage. We provide one-stop solutions for all web risks, encompassing everything from building corporate web management systems to early detection and prevention of web risks, emergency response during crises, and post-incident management.