Notes
Slide Show
Outline
1
PR and Cybersmear Campaigns
  • How to avoid and fight online reputation attacks against your clients…what every PR professional needs to know
2
What is a cybersmear campaign?
  • It’s an organized campaign designed to intimidate, harass or adversely affect the reputation of a company or representative of that company
  • It may start out innocently or as an angry communication, but builds to have a potentially serious affect on the business, operations or reputation of the company or its representatives
  • It may start out small and build with the help of unwitting accomplices manipulated into supporting the campaign
3
How does it work?
  • Rumors and innuendo
  • Stock manipulation
  • Personal attacks and harassment
  • Cyberstalking and cyber-harassment
  • Posing and impersonation
  • Cybersmear by proxy
  • Communications with key stakeholders
  • Anonymous defamatory statements
  • Getting competitors and regulators involved
4
Cybersmear and the Law
  • Defamation
  • TOS violations, acceptable use policy violations
  • Cyberstalking and harassment
  • SEC violations
  • Regulatory violations
  • False light and common laws
  • Intellectual property crimes and violations
  • Hacking, cyber-espionage, unfair trade practices and fraud…Oh! My!!
5
What can anyone do about it?
  • The best time to consider this is BEFORE it occurs
  • Create a cyberattack committee or team
  • Keep a cyber-eye out for anything posted online about your company, key executives and employees and products
  • Alert your IT people to watch for SPAM referencing any of the above
  • Terminate access for any problematic employees, agents and contractors
  • Monitor employee communications and set rules about permitted and inappropriate technology uses
  • Google your company and watch the blogs (feedster.com and other similar service)
6
The role of the PR professional in protecting the reputation of the client
  • PR is crucial and should help lead in these issues
  • PR must be a member of the cyberattack team and help identify crisis spokespeople
  • PR must maintain credibility with industry and mainline media and press
  • PR must deliver the message positively, without feeding the misinformation
  • PR needs to be well-informed about the company’s operations, businesses and strategies
  • PR needs a good working relationship with legal and IT, as well as management
  • PR needs to identify possible breaches and targets
  • PR has to think like an attacker…how would you attack reputations and business?
7
Anatomy of a cybersmear
  • Sounds plausible
  • Builds on provable facts and statements
  • Relies on anonymity of the attacker
  • Relies on the gullibility of certain media and others online, like influential bloggers
  • Gives a suggested outcome and suggested places to launch attacks
  • Targets key stakeholder within and without
8
Things you can do in advance…
  • Register the URL of all permutations of your brands
  • Register all permutations of your brands in blogging services
  • Register all of the above with “bash,” “hates,” “sucks” or similar terms
  • Get online and after-hour contact information for media, press and key stakeholders – analysts and shareholders, major ISPs, and police
  • Inform senior management and unions, as well as board members of the possibility of cybersmear and what to do if contacted
  • Put in systems to collect evidence and work with IT on tracing methods and with legal on subpoena execution
9
Selling it to Management
  • Find ways to prove the value to management – upside and downside
  • Fear and greed motivate
  • Find the ROI, get legal, HR, risk managers and IT on your side
  • Do some research
  • Do some sensitivity training on online reputation risks – tie it to cyberharassment and cyberbullying in the media
10
Cyberattack Team Make-up
  • PR
  • Legal, consumer relations and HR
  • Brand managers
  • Marketing
  • IT and website/services management
  • Insurance and risk managers
  • Corporate communications (if separate from PR)
  • Senior management and at least one board member
11
Understanding the Cyber-Breadcrumbs
  • Everyone leaves behind an IP address
  • Static and dynamic IP addresses
  • Civil subpoena or law enforcement subpoena process
  • Preserving the records
  • How to read a header – what it shows
12
Things to think about
  • Insuring the risk
  • Early warning systems with IT and HR
  • If monitoring employees, check with unions
  • Tracking news releases about your client
  • Holding seminars and workshops within the company to raise awareness
  • Learning more about the problem
13
To contact me or for more information
  • parry@aftab.com
  • www.Aftab.com
  • www.ThePrivacyLawyer.blogspot.com
  • The Privacy Lawyer column for Information Week Magazine (informationweek.com)
  • 201-463-8663